From d4c036718adebca2538a4eca151dea6c84eee451 Mon Sep 17 00:00:00 2001
From: Philippe Antoine <pantoine@oisf.net>
Date: Thu, 19 Mar 2026 15:08:08 +0100
Subject: [PATCH] detect/geoip: do not require packet

Ticket: 8333

Allows to pass on pseudo packets

So, that a ruleset like
pass ssh any any -> any any (geoip:any,US,IN; sid: 1;)
drop ip any any -> any any (flow:established, to_server; sid:2;)

Does not lead to a drop on the pseudo-packet when we flush
because ssh traffic gets encrypted
---
 src/detect-geoip.c | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/src/detect-geoip.c b/src/detect-geoip.c
index a48b505527..a43dc2d582 100644
--- a/src/detect-geoip.c
+++ b/src/detect-geoip.c
@@ -250,8 +250,6 @@ static int DetectGeoipMatch(DetectEngineThreadCtx *det_ctx,
     const DetectGeoipData *geoipdata = (const DetectGeoipData *)ctx;
     int matches = 0;
 
-    DEBUG_VALIDATE_BUG_ON(PKT_IS_PSEUDOPKT(p));
-
     if (PacketIsIPv4(p)) {
         if (geoipdata->flags & ( GEOIP_MATCH_SRC_FLAG | GEOIP_MATCH_BOTH_FLAG ))
         {
@@ -416,7 +414,6 @@ static int DetectGeoipSetup(DetectEngineCtx *de_ctx, Signature *s, const char *o
                 de_ctx, s, DETECT_GEOIP, (SigMatchCtx *)geoipdata, DETECT_SM_LIST_MATCH) == NULL) {
         goto error;
     }
-    s->flags |= SIG_FLAG_REQUIRE_PACKET;
 
     return 0;