Before, if an invalid value was passed as exception policy, Suricata
would log a warning and set the exception policy to "ignore". This is a
very different result, than, say, dropping or bypassing a midstream flow.
Task #5504
policy = EXCEPTION_POLICY_IGNORE;
SCLogConfig("%s: %s", option, value_str);
} else {
- SCLogConfig("%s: ignore", option);
+ FatalErrorOnInit(SC_ERR_INVALID_ARGUMENT,
+ "\"%s\" is not a valid exception policy value. Valid options are drop-flow, "
+ "pass-flow, bypass, drop-packet, pass-packet or ignore.",
+ value_str);
}
if (!support_flow) {
projects / thirdparty / suricata.git / commitdiff
