exceptions: add callbacks for drop-flow policy

Make sure that when the policy is to drop the flow, we set no inspection for payload and packet and disable applayer inspection as well. Task #5468 (cherry picked from commit 242b8f7d65)
4 years ago · 430bb1cf74
parent 6f1f651906
commit 430bb1cf74
1 changed files with 4 additions and 0 deletions
--- a/src/util-exception-policy.c
+++ b/src/util-exception-policy.c
@ -22,6 +22,7 @@
 #include "suricata-common.h"
 #include "util-exception-policy.h"
 #include "util-misc.h"
+#include "stream-tcp-reassemble.h"

 void ExceptionPolicyApply(Packet *p, enum ExceptionPolicy policy, enum PacketDropReason drop_reason)
 {
@ -34,6 +35,9 @@ void ExceptionPolicyApply(Packet *p, enum ExceptionPolicy policy, enum PacketDro
                SCLogDebug("EXCEPTION_POLICY_DROP_FLOW");
                if (p->flow) {
                    p->flow->flags |= FLOW_ACTION_DROP;
+                    FlowSetNoPayloadInspectionFlag(p->flow);
+                    FlowSetNoPacketInspectionFlag(p->flow);
+                    StreamTcpDisableAppLayer(p->flow);
                }
                /* fall through */
            case EXCEPTION_POLICY_DROP_PACKET: