Optimization #718
closed
"pass" IP-only rules should bypass detection engine after matching
Added by Victor Julien over 11 years ago.
Updated about 11 years ago.
Description
If a "pass" IP-only rule matches, it will also match for all future packets of that flow. Hence, it makes sense to set a flag in the flow to bypass the detection engine.
- Status changed from Assigned to Closed
- Target version set to 2.0beta1
- % Done changed from 0 to 100
Fixed by:
commit 37c80ea5082bf6e2044f02f44307bf9d9c79906b
Author: Victor Julien <victor@inliniac.net>
Date: Tue Jan 15 12:55:31 2013 +0100
If an IP-only pass rule matches, set the no inspect flag for that flow. Bug #718.
Also available in: Atom
PDF