Bug #10
Status: closed
flags:0; alerts when it shouldn't
Description
When checking for no TCP flags being set via flags:0; the engine alerts even when flags are set. I have attached a patch that has a failing unit test displaying this issue.
#rules file
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"No flags set"; flags:0; sid:1;)
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"SYN flag set"; flags:S,12; sid:2;)
#tcpdump output of pcap
07:46:00.378379 IP 192.168.77.1.46820 > 192.168.77.191.8888: Flags [S], seq 2098534692, win 2048, options [mss 1460], length 0
#output of log file
11/16/09-13:46:00.378379 [**] [1:1:0] No flags set [**] [Classification: fixme] [Priority: 3] {6} 192.168.77.1:46820 -> 192.168.77.191:8888
11/16/09-13:46:00.378379 [**] [1:2:0] SYN flag set [**] [Classification: fixme] [Priority: 3] {6} 192.168.77.1:46820 -> 192.168.77.191:8888
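The two rules above differ only in how the TCP flags byte is compared: flags:0; must match a packet with no flags set at all, while flags:S,12; matches SYN with the two reserved (ECN) bits ignored. The C matcher below is an added example written for this page, not the engine's code and not the reporter's attached patch; it implements the documented semantics of the flags keyword (exact match, the +, * and ! modifiers, the ignore mask after the comma, and the letters 1 and 2 for the reserved bits CWR and ECE). The function names and the constructed packet value (the flags byte of the tcpdump "Flags [S]" packet in the report, 0x02) are assumptions of the example, and the comment on the exact-match case describes one way such a check can go wrong, not the root cause stated by the report.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* TCP flag bits as laid out in the flags byte of the TCP header. */
enum {
    TH_FIN = 0x01, TH_SYN = 0x02, TH_RST = 0x04, TH_PSH = 0x08,
    TH_ACK = 0x10, TH_URG = 0x20, TH_ECE = 0x40, TH_CWR = 0x80
};

/* Parsed form of a flags: keyword value such as "S,12", "0", "+SA" or "!R". */
typedef struct {
    char    mod;   /* '\0' exact match, '+' all of, '*' any of, '!' not exactly */
    uint8_t want;  /* bits named before the comma; 0 for "flags:0" (no flags set) */
    uint8_t mask;  /* bits named after the comma, ignored in the comparison */
} flags_kw;

/* Map a rule letter to its bit. '1' and '2' are the two reserved (ECN) bits,
 * '0' stands for "no flags set" and contributes no bit; unknown letters give -1. */
static int letter_to_bit(char c) {
    switch (c) {
    case 'F': return TH_FIN; case 'S': return TH_SYN; case 'R': return TH_RST;
    case 'P': return TH_PSH; case 'A': return TH_ACK; case 'U': return TH_URG;
    case 'C': case '1': return TH_CWR;  /* reserved bit 1, MSB of the flags byte */
    case 'E': case '2': return TH_ECE;  /* reserved bit 2 */
    case '0': return 0;                 /* "no flags set" */
    default:  return -1;
    }
}

/* Parse the value of a flags: keyword. Returns 0 on success, -1 on a syntax error. */
static int parse_flags(const char *s, flags_kw *kw) {
    memset(kw, 0, sizeof *kw);
    if (*s == '+' || *s == '*' || *s == '!')
        kw->mod = *s++;
    uint8_t *dst = &kw->want;
    int named = 0;
    for (; *s; s++) {
        if (isspace((unsigned char)*s))
            continue;
        if (*s == ',') {                 /* second field is the ignore mask */
            if (dst == &kw->mask || named == 0)
                return -1;
            dst = &kw->mask;
            continue;
        }
        int bit = letter_to_bit(*s);
        if (bit < 0)
            return -1;
        *dst |= (uint8_t)bit;
        named++;
    }
    return named ? 0 : -1;
}

/* Apply a parsed keyword to a packet's flags byte: 1 = match, 0 = no match. */
static int flags_match(const flags_kw *kw, uint8_t pkt) {
    uint8_t p = pkt & (uint8_t)~kw->mask;  /* drop the bits the rule ignores */
    switch (kw->mod) {
    case '+': return (p & kw->want) == kw->want;  /* named bits set, others free */
    case '*': return (p & kw->want) != 0;          /* at least one named bit */
    case '!': return p != kw->want;                /* anything but exactly these */
    default:
        /* Exact comparison. With want == 0 this means "no flags set", so it
         * must be equality: a subset test such as (p & want) == want is
         * vacuously true for want == 0 and would alert on every packet, which
         * is the symptom in the report (hypothesis only; the report does not
         * state the engine's actual defect). */
        return p == kw->want;
    }
}

/* Parse a keyword value and test it against one flags byte.
 * Returns 1 (alert), 0 (no alert) or -1 (the rule would not load). */
int rule_flags_alert(const char *value, uint8_t pkt_flags) {
    flags_kw kw;
    if (parse_flags(value, &kw) < 0)
        return -1;
    return flags_match(&kw, pkt_flags);
}

int main(void) {
    /* Constructed input: the flags byte of the "Flags [S]" packet in the report. */
    const uint8_t syn_only = TH_SYN;
    printf("sid:1 flags:0    on [S]: %s\n",
           rule_flags_alert("0", syn_only) ? "alert (wrong)" : "no alert (correct)");
    printf("sid:2 flags:S,12 on [S]: %s\n",
           rule_flags_alert("S,12", syn_only) ? "alert (correct)" : "no alert (wrong)");
    return 0;
}
```

With this matcher only sid:2 fires on the captured SYN; sid:1 stays quiet, which is the behaviour the report expects. The ignore mask is applied before the comparison, so flags:S,12; also matches a SYN carrying CWR or ECE but not a SYN/ACK.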
Files