From: Juliana Fajardini
Date: Tue, 30 May 2023 13:41:49 +0000 (-0300)
Subject: stream/tcp: re-enable midstream-policy usage
X-Git-Tag: suricata-7.0.0-rc2~22
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=69d3750aaf29940c87797eb49ceef7c385e06f43;p=thirdparty%2Fsuricata.git

stream/tcp: re-enable midstream-policy usage

We were always setting it to ignore, due to bug 5825.

The engine will now issue an initialization error if an invalid value is passed in the configuration file for midstream exception policy.

'pass-packet' or 'drop-packet' are never valid, as the midstream policy concerns the whole flow, not making sense for just a packet.

If midstream is enabled, only two actual config values are allowed: 'ignore' and 'pass-flow', both in IDS and in IPS mode. In default mode ('auto' or if no policy is defined), midstream-policy is set to 'ignore'. All other values will lead to initialization error.

In IDS mode, 'drop-flow' will also lead to initialization error.

Part of Bug #5825
---

diff --git a/src/stream-tcp.c b/src/stream-tcp.c index d30bb39a48..0f1c2df534 100644 --- a/src/stream-tcp.c +++ b/src/stream-tcp.c @@ -469,12 +469,7 @@ void StreamTcpInitConfig(bool quiet) stream_config.ssn_memcap_policy = ExceptionPolicyParse("stream.memcap-policy", true); stream_config.reassembly_memcap_policy = ExceptionPolicyParse("stream.reassembly.memcap-policy", true); - stream_config.midstream_policy = ExceptionPolicyParse("stream.midstream-policy", true); - if (stream_config.midstream && stream_config.midstream_policy != EXCEPTION_POLICY_NOT_SET) { - SCLogWarning("stream.midstream_policy setting conflicting with stream.midstream enabled. " - "Ignoring stream.midstream_policy. Bug #5825."); - stream_config.midstream_policy = EXCEPTION_POLICY_NOT_SET; - } + stream_config.midstream_policy = ExceptionPolicyMidstreamParse(stream_config.midstream); if (!quiet) { SCLogConfig("stream.\"inline\": %s",
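
Review bot: the replacement call `ExceptionPolicyMidstreamParse(stream_config.midstream)` in StreamTcpInitConfig depends on `stream_config.midstream` already holding its final value at this point, and nothing in the hunk shows or documents that ordering; a short comment above the call stating that stream.midstream must be parsed first would protect it against later reordering. The removed branch downgraded a conflicting stream.midstream-policy to EXCEPTION_POLICY_NOT_SET with an SCLogWarning, whereas the commit message says invalid values now produce an initialization error, so configurations that previously started with a warning will now fail to start; that deserves an upgrade note and a documentation update listing the accepted values per mode. The helper's definition is not part of the lines shown here, so the IDS/IPS distinction described in the message (in particular whether 'drop-flow' is accepted in IPS mode with midstream enabled) cannot be checked from this hunk; a test covering each policy value in both modes would make that explicit.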