suricata icon indicating copy to clipboard operation
suricata copied to clipboard
verified publisher icon OISF

detect: flush when setting no_inspection

Open catenacyber opened this issue 2 years ago • 1 comments

Link to redmine ticket: https://redmine.openinfosecfoundation.org/issues/6578

Describe changes:

  • detect: flush when setting no_inspection

So that we can run detection on the clear text of ssh new keys packet

SV_BRANCH=pr/1587

https://github.com/OISF/suricata-verify/pull/1587

#10004 rebased to run on new SV PR (rebased itself)

catenacyber avatar Jan 18 '24 08:01 catenacyber

Information:

ERROR: QA failed on SURI_TLPW2_autofp_suri_time.

field baseline test %
SURI_TLPW2_autofp_stats_chk
.uptime 181 195 107.73%
SURI_TLPR1_stats_chk
.tcp.pseudo 2810 19572 696.51%

Pipeline 17579

suricata-qa avatar Jan 18 '24 11:01 suricata-qa

Replaced by https://github.com/OISF/suricata/pull/10540

catenacyber avatar Feb 29 '24 20:02 catenacyber