Actions
Optimization #718
closed"pass" IP-only rules should bypass detection engine after matching
Effort:
Difficulty:
Label:
Description
If a "pass" IP-only rule matches, it will also match for all future packets of that flow. Hence, it makes sense to set a flag in the flow to bypass the detection engine.
Updated by Victor Julien over 11 years ago
- Status changed from Assigned to Closed
- Target version set to 2.0beta1
- % Done changed from 0 to 100
Fixed by:
commit 37c80ea5082bf6e2044f02f44307bf9d9c79906b Author: Victor Julien <victor@inliniac.net> Date: Tue Jan 15 12:55:31 2013 +0100 If an IP-only pass rule matches, set the no inspect flag for that flow. Bug #718.
Actions