From: Anna Norokh -X (anorokh - SOFTSERVE INC at Cisco) <anorokh@cisco.com>
Date: Mon, 11 Sep 2023 14:54:56 +0000 (+0000)
Subject: Pull request #3987: detection: fix of default ips policy switching
X-Git-Tag: 3.1.71.0~14
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f1374ec49f23e47b7655555b266676be4ae9d622;p=thirdparty%2Fsnort3.git

Pull request #3987: detection: fix of default ips policy switching

Merge in SNORT/snort3 from ~ANOROKH/snort3:file_id_tenant_fix to master

Squashed commit of the following:

commit 4a0f89aab337ca876c5a46014f5be2c36217c42e
Author: Anna Norokh <anorokh@cisco.com>
Date:   Fri Sep 1 18:15:37 2023 +0300

    detection: fix of default ips policy switching

    Because in case of tenant or adress_space configurations, previous code will switch
    policy to network related IPS policy, not to default.
---

diff --git a/src/detection/fp_detect.cc b/src/detection/fp_detect.cc
index 1ce83bf6e..5069726a2 100644
--- a/src/detection/fp_detect.cc
+++ b/src/detection/fp_detect.cc
@@ -1399,7 +1399,7 @@ void fp_eval_service_group(Packet* p, SnortProtocolId snort_protocol_id)
     IpsContext::ActiveRules actv_rules = c->active_rules;
     c->active_rules = IpsContext::CONTENT;
     IpsPolicy* ips_policy = snort::get_ips_policy();
-    snort::set_ips_policy(get_default_ips_policy(SnortConfig::get_conf()));
+    snort::set_ips_policy(get_ips_policy(SnortConfig::get_conf()));
 
     print_pkt_info(p, "file_id fast-patterns"); //FIXIT
     fpEvalHeaderSW(svc, p, 0, FPTask::FP, true, true);