git.ipfire.org Git - thirdparty/suricata.git/commit

]> git.ipfire.org Git - thirdparty/suricata.git/commit

projects / thirdparty / suricata.git / commit

author	Victor Julien <victor@inliniac.net>
	Fri, 3 Sep 2021 15:04:02 +0000 (17:04 +0200)
committer	Victor Julien <victor@inliniac.net>
	Thu, 16 Sep 2021 09:36:54 +0000 (11:36 +0200)
commit	aa93984b7e58d3d8c1323f86bdaff937f8b8bd1e
tree	4c5a4e18f9c5b71dd8ec76d4024111b7247760ec	tree
parent	ae89874b066c91675b809e8cf992d780331efb1c	commit \| diff

detect: unify alert handling; fix bugs

Unify handling of signature matches between various rule types and
between noalert and regular rules.

"noalert" sigs are added to the alert queue initially, but removed
from it after handling their actions. This way all actions are applied
from a single place.

Make sure flow drop and pass are mutually exclusive.

The above addresses issue with pass and drops not getting applied
correctly in various cases.

Bug: #4663
Bug: #4670

src/decode.h		diff \| blob \| blame \| history
src/detect-engine-alert.c		diff \| blob \| blame \| history
src/detect-engine-iponly.c		diff \| blob \| blame \| history
src/detect-engine.c		diff \| blob \| blame \| history
src/detect.c		diff \| blob \| blame \| history
src/detect.h		diff \| blob \| blame \| history
src/flow.h		diff \| blob \| blame \| history

Mirror of https://github.com/OISF/suricata.git

RSS Atom