From: Eric Leblond <eric@regit.org>
Date: Mon, 5 Jun 2017 14:41:47 +0000 (+0200)
Subject: doc: document drop-invalid option.
X-Git-Tag: suricata-4.0.0-beta1~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a3f07ec02e732ec3533c8760cd8b8caa043ff0bc;p=thirdparty%2Fsuricata.git

doc: document drop-invalid option.
---

diff --git a/doc/userguide/configuration/suricata-yaml.rst b/doc/userguide/configuration/suricata-yaml.rst
index 15bc00287b..4aea0d27f7 100644
--- a/doc/userguide/configuration/suricata-yaml.rst
+++ b/doc/userguide/configuration/suricata-yaml.rst
@@ -1287,6 +1287,11 @@ anomalies in streams. See :ref:`host-os-policy`.
     midstream: false             # do not allow midstream session pickups
     async_oneside: false         # do not enable async stream handling
     inline: no                   # stream inline mode
+    drop-invalid: yes            # drop invalid packets
+
+The 'drop-invalid' option can be set to no to avoid blocking packets that are
+seen invalid by the streaming engine. This can be useful to cover some weird cases
+seen in some layer 2 IPS setup.
 
 **Example 11   Normal/IDS mode**