]> git.ipfire.org Git - thirdparty/suricata.git/commit
projects / thirdparty / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c3b3c11) | patch
detect: avoids case of useless detection on txs
authorPhilippe Antoine <pantoine@oisf.net>
Thu, 7 Sep 2023 12:33:04 +0000 (14:33 +0200)
committerVictor Julien <victor@inliniac.net>
Tue, 30 Jan 2024 08:35:16 +0000 (09:35 +0100)
commit9240ae250cc369306803740279df2ab3eca6b54a
treea4b586f365e9518375b65d6e9752c83d95b903e8tree
parentc3b3c11e30e1afdbde5c196a0692ee5e2c379cb1commit | diff
detect: avoids case of useless detection on txs

When a TCP flow packet has not led to app-layer updates,
it is useless to run DetectRunTx, as there cannot be new
matches.

This happens for instance, when one side sends in a row multiple
packets which are not acked (and thus not parsed in IDS mode).

Doing so requires to move up the call to
AppLayerParserSetTransactionInspectId
so that it is run the same times DetectRunTx is run, and not in the
case where the transaction was not updated.

Ticket: 6299
src/detect.c diff | blob | blame | history
src/util-unittest-helper.c diff | blob | blame | history
Mirror of https://github.com/OISF/suricata.git