From: Juliana Fajardini <jufajardini@oisf.net>
Date: Thu, 1 Jun 2023 01:52:48 +0000 (-0300)
Subject: exception: extract 'auto' check to function
X-Git-Tag: suricata-6.0.14~35
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=49ba6db3f354b7e9d15c17831d709e3d5e84b20d;p=thirdparty%2Fsuricata.git

exception: extract 'auto' check to function

Part of
Bug #5825

(cherry picked from commit e849afbda14aae690ab7b2b8c0734aaeba490ec9)
---

diff --git a/src/util-exception-policy.c b/src/util-exception-policy.c
index 383c72d370..820fd2a10a 100644
--- a/src/util-exception-policy.c
+++ b/src/util-exception-policy.c
@@ -183,6 +183,19 @@ static enum ExceptionPolicy ExceptionPolicyConfigValueParse(
     return policy;
 }
 
+static enum ExceptionPolicy ExceptionPolicyPickAuto(bool midstream_enabled, bool support_flow)
+{
+    enum ExceptionPolicy policy = EXCEPTION_POLICY_NOT_SET;
+    if (!midstream_enabled && EngineModeIsIPS()) {
+        if (support_flow) {
+            policy = EXCEPTION_POLICY_DROP_FLOW;
+        } else {
+            policy = EXCEPTION_POLICY_DROP_PACKET;
+        }
+    }
+    return policy;
+}
+
 static enum ExceptionPolicy ExceptionPolicyMasterParse(const char *value)
 {
     enum ExceptionPolicy policy = EXCEPTION_POLICY_NOT_SET;
@@ -227,6 +240,9 @@ enum ExceptionPolicy ExceptionPolicyParse(const char *option, bool support_flow)
             policy = ExceptionPolicyMasterParse(value_str);
         } else {
             policy = ExceptionPolicyConfigValueParse(option, value_str);
+            if (policy == EXCEPTION_POLICY_AUTO) {
+                policy = ExceptionPolicyPickAuto(false, support_flow);
+            }
             if (!support_flow) {
                 policy = PickPacketAction(option, policy);
             }
@@ -246,7 +262,9 @@ enum ExceptionPolicy ExceptionPolicyMidstreamParse(bool midstream_enabled)
     /* policy was set directly */
     if ((ConfGet("stream.midstream-policy", &value_str)) == 1 && value_str != NULL) {
         policy = ExceptionPolicyConfigValueParse("midstream-policy", value_str);
-        if (midstream_enabled) {
+        if (policy == EXCEPTION_POLICY_AUTO) {
+            policy = ExceptionPolicyPickAuto(midstream_enabled, true);
+        } else if (midstream_enabled) {
             if (policy != EXCEPTION_POLICY_NOT_SET && policy != EXCEPTION_POLICY_PASS_FLOW) {
                 FatalErrorOnInit(SC_ERR_INVALID_VALUE,
                         "Error parsing stream.midstream-policy from config file. \"%s\" is "