]> git.ipfire.org Git - thirdparty/suricata.git/commit
projects / thirdparty / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cc6319b) | patch
detect: avoids case of useless detection on txs
authorPhilippe Antoine <pantoine@oisf.net>
Thu, 7 Sep 2023 12:33:04 +0000 (14:33 +0200)
committerVictor Julien <vjulien@oisf.net>
Tue, 30 Jan 2024 12:21:08 +0000 (13:21 +0100)
commitf19b3a89e0ba31774e3e68ebbe8be51919d0c64e
treeb24bc2836c5eb437e71c42d931e908d89845a669tree
parentcc6319b37c23b33fd38a446c068c2f777d6422c1commit | diff
detect: avoids case of useless detection on txs

When a TCP flow packet has not led to app-layer updates,
it is useless to run DetectRunTx, as there cannot be new
matches.

This happens for instance, when one side sends in a row multiple
packets which are not acked (and thus not parsed in IDS mode).

Doing so requires to move up the call to
AppLayerParserSetTransactionInspectId
so that it is run the same times DetectRunTx is run, and not in the
case where the transaction was not updated.

Ticket: 6299
(cherry picked from commit 9240ae250cc369306803740279df2ab3eca6b54a)
src/detect.c diff | blob | blame | history
src/util-unittest-helper.c diff | blob | blame | history
Mirror of https://github.com/OISF/suricata.git