From: Victor Julien <victor@inliniac.net>
Date: Tue, 19 May 2015 13:54:41 +0000 (+0200)
Subject: alert-json: fix stream logging for IPS mode
X-Git-Tag: suricata-3.0RC1~414
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F1489%2Fhead;p=thirdparty%2Fsuricata.git

alert-json: fix stream logging for IPS mode

Switch direction in IPS mode.
---

diff --git a/src/output-json-alert.c b/src/output-json-alert.c
index f9783b28af..973c657f03 100644
--- a/src/output-json-alert.c
+++ b/src/output-json-alert.c
@@ -267,10 +267,18 @@ static int AlertJson(ThreadVars *tv, JsonAlertLogThread *aft, const Packet *p)
 
                 MemBufferReset(payload);
 
-                if (p->flowflags & FLOW_PKT_TOSERVER) {
-                    flag = FLOW_PKT_TOCLIENT;
+                if (!EngineModeIsIPS()) {
+                    if (p->flowflags & FLOW_PKT_TOSERVER) {
+                        flag = FLOW_PKT_TOCLIENT;
+                    } else {
+                        flag = FLOW_PKT_TOSERVER;
+                    }
                 } else {
-                    flag = FLOW_PKT_TOSERVER;
+                    if (p->flowflags & FLOW_PKT_TOSERVER) {
+                        flag = FLOW_PKT_TOSERVER;
+                    } else {
+                        flag = FLOW_PKT_TOCLIENT;
+                    }
                 }
 
                 StreamSegmentForEach((const Packet *)p, flag,