Bug #5038

Updated by Jason Ish 10 months ago

A simple rule such as alert @tftp any any -> any any (msg:"test"; sid:10008; rev:1;)@ fails to load with the following error: 

 [ERRCODE: SC_ERR_UNKNOWN_PROTOCOL(124)] - protocol "tftp" cannot be used in a signature. Either detection for this protocol is not yet supported OR detection has been disabled for protocol through the yaml option app-layer.protocols.tftp.detection-enabled 

 This appears to have been broken with this commit in the master-6.0.x branch,, and has been fixed in master with which cleanly cherry-picks into master-6.0.x.