http.connection - allow in server response
Currently when using http.connection in combination with "to_client" produces the following error
Problem starting Suricata daemon: 7/12/2022 -- 19:57:49 - <Error> - [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - rule 1 mixes keywords with conflicting directions
however, for whatever reason, the connection header is often observed in the HTTP Server Response.
This limitation forces the use of http.header to match on the Connection header instead of using the more specific buffer.