Bug #6149: exceptions: 'auto' policy not considered valid value in IDS mode - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #6149

closed

exceptions: 'auto' policy not considered valid value in IDS mode

Added by Juliana Fajardini Reichow over 1 year ago. Updated over 1 year ago.

Status:

Closed

Priority:

Normal

Assignee:

Juliana Fajardini Reichow

Target version:

7.0.0

Affected Versions:

7.0.0-rc2

Effort:

Difficulty:

Label:

Description

When in IDS mode, Suricata issues a warning that 'auto' isn't a valid config option, and proceeds to setting
the master switch (and possibly other values, too) to `ignore` (see image attached).

Two fixes needed:
- 'auto' is valid, it just defaults to 'ignore' in IDS mode, so no warning should happen
- the "exception policy: exception policy" is confusing, reword the message

The function for parsing the master switch should probably be re-worked to avoid that last part.

Files

image (1).png (40.7 KB) image (1).png

Juliana Fajardini Reichow, 06/14/2023 06:34 PM

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #6149

exceptions: 'auto' policy not considered valid value in IDS mode

Updated by Juliana Fajardini Reichow over 1 year ago

Updated by Juliana Fajardini Reichow over 1 year ago

Updated by Juliana Fajardini Reichow over 1 year ago

Updated by Juliana Fajardini Reichow over 1 year ago