From: Philippe Antoine <contact@catenacyber.fr>
Date: Thu, 9 Dec 2021 14:40:09 +0000 (+0100)
Subject: detect: logs an error if a protocol is disabled
X-Git-Tag: suricata-7.0.0-beta1~962
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1e1a4ab1c40b53dca6d24b848bf8abc69f282622;p=thirdparty%2Fsuricata.git

detect: logs an error if a protocol is disabled

So that the user knows that the rule cannot match
---

diff --git a/src/detect-parse.c b/src/detect-parse.c
index e3cb589729..e52a20aae1 100644
--- a/src/detect-parse.c
+++ b/src/detect-parse.c
@@ -1507,6 +1507,11 @@ int DetectSignatureSetAppProto(Signature *s, AppProto alproto)
         }
     }
 
+    if (AppLayerProtoDetectGetProtoName(alproto) == NULL) {
+        SCLogError(SC_ERR_INVALID_ARGUMENT, "disabled alproto %s, rule can never match",
+                AppProtoToString(alproto));
+        return -1;
+    }
     s->alproto = alproto;
     s->flags |= SIG_FLAG_APPLAYER;
     return 0;