detect: set drop reason for rule based drops

Call `PacketDrop` with drop reason for drops, keep old logic
in place for the rest.

(cherry picked from commit a89840929b46b765787bec3ae5cad529f558af0a)

diff --git a/src/detect-engine-alert.c b/src/detect-engine-alert.c
index 66f7bb7815e8d718cdc680ebefa294c784a6e300..84bab6ec34a96fca22cde63eb16211bede74faa7 100644 (file)
--- a/src/detect-engine-alert.c
+++ b/src/detect-engine-alert.c
@@ -178,9 +178,10 @@ static void PacketApplySignatureActions(Packet *p, const Signature *s, const uin
 {
     SCLogDebug("packet %" PRIu64 " sid %u action %02x alert_flags %02x", p->pcap_cnt, s->id,
             s->action, alert_flags);
-    PACKET_UPDATE_ACTION(p, s->action);
 
     if (s->action & ACTION_DROP) {
+        PacketDrop(p, PKT_DROP_REASON_RULES);
+
         if (p->alerts.drop.action == 0) {
             p->alerts.drop.num = s->num;
             p->alerts.drop.action = s->action;
@@ -189,8 +190,11 @@ static void PacketApplySignatureActions(Packet *p, const Signature *s, const uin
         if ((p->flow != NULL) && (alert_flags & PACKET_ALERT_FLAG_APPLY_ACTION_TO_FLOW)) {
             RuleActionToFlow(s->action, p->flow);
         }
-    } else if (s->action & ACTION_PASS) {
-        if ((p->flow != NULL) && (alert_flags & PACKET_ALERT_FLAG_APPLY_ACTION_TO_FLOW)) {
+    } else {
+        PACKET_UPDATE_ACTION(p, s->action);
+
+        if ((s->action & ACTION_PASS) && (p->flow != NULL) &&
+                (alert_flags & PACKET_ALERT_FLAG_APPLY_ACTION_TO_FLOW)) {
             RuleActionToFlow(s->action, p->flow);
         }
     }