From: Shravan Rangarajuvenkata (shrarang) Date: Thu, 5 Aug 2021 18:53:12 +0000 (+0000) Subject: Merge pull request #3007 in SNORT/snort3 from ~CLJUDGE/snort3:snort3_change_req_body... X-Git-Tag: 3.1.10.0~7 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1e90dbae3284e57961f8da691fff9f38a92e4e50;p=thirdparty%2Fsnort3.git Merge pull request #3007 in SNORT/snort3 from ~CLJUDGE/snort3:snort3_change_req_body to master Squashed commit of the following: commit d2ff026b81050ec472acd1fdb29369a5e4fc23e0 Author: cljudge Date: Thu Jul 29 10:31:26 2021 -0400 http_inspect: Change the default value of request_body_app_detection config parameter to true. --- diff --git a/src/service_inspectors/http_inspect/http_module.cc b/src/service_inspectors/http_inspect/http_module.cc index 644d4d47a..ece3f5a6e 100755 --- a/src/service_inspectors/http_inspect/http_module.cc +++ b/src/service_inspectors/http_inspect/http_module.cc @@ -124,7 +124,7 @@ const Parameter HttpModule::http_params[] = "specifies the xff type headers to parse and consider in the same order " "of preference as defined" }, - { "request_body_app_detection", Parameter::PT_BOOL, nullptr, "false", + { "request_body_app_detection", Parameter::PT_BOOL, nullptr, "true", "make HTTP/2 request message bodies available for application detection " "(detection requires AppId)" }, diff --git a/src/service_inspectors/http_inspect/http_module.h b/src/service_inspectors/http_inspect/http_module.h index 2374d253a..e716ed93f 100755 --- a/src/service_inspectors/http_inspect/http_module.h +++ b/src/service_inspectors/http_inspect/http_module.h @@ -47,7 +47,7 @@ public: bool decompress_zip = false; bool script_detection = false; snort::LiteralSearch::Handle* script_detection_handle = nullptr; - bool publish_request_body = false; + bool publish_request_body = true; struct JsNormParam {