From d6e61b66906e220fd95832a3bc5fc9ae386bb856 Mon Sep 17 00:00:00 2001
From: Victor Julien
Date: Fri, 11 Apr 2025 06:44:58 +0200
Subject: [PATCH] firewall: detect: add explanation
---
 src/detect-engine-alert.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/src/detect-engine-alert.c b/src/detect-engine-alert.c
index 0b20c4b7d8..1c940dfd07 100644
--- a/src/detect-engine-alert.c
+++ b/src/detect-engine-alert.c
@@ -394,6 +394,9 @@ static inline void PacketAlertFinalizeProcessQueue(
 for (uint16_t i = 0; i < det_ctx->alert_queue_size; i++) {
 PacketAlert *pa = &det_ctx->alert_queue[i];
 const Signature *s = pa->s;
+
+ /* if a firewall rule told us to skip, we don't count the skipped
+ * alerts. */
 if (have_fw_rules && skip_td && (s->flags & SIG_FLAG_FIREWALL) == 0) {
 continue;
 }
-- 
2.47.2
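Review bot: The new comment above the `continue` guard says "the skipped alerts" without saying which alerts those are, while the condition only skips signatures that lack `SIG_FLAG_FIREWALL`, so alerts from firewall rules themselves still run through the rest of the loop. I would spell that out, for example `/* a firewall rule told us to skip threat detection: non-firewall alerts are left out of the processing below, firewall rule alerts are still handled. */`, assuming `skip_td` stands for "skip threat detection", which the hunk does not show. It would also help to name what "count" refers to and whether a skipped alert is still logged anywhere, since an operator reading alert output needs to know that a firewall verdict can suppress detection hits. The loop body continues outside the hunk, so the counter itself is not visible here.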