suricata
suricata copied to clipboard
detect/alert: ensure reject action is applied to packet/flow - v2
Previous PR: #7661
Link to redmine ticket: https://redmine.openinfosecfoundation.org/issues/5458
Changes from last PR:
- Added two unittests to check for correct packet-action flags after signature matching
Thoughts:
- should more unittests be added?
- Many places call PacketDrop in contexts where we don't have a rule nor is it clear what action resulted in the drop. I passed ACTION_DROP in all those cases. Wondering if we should have something more specific/descriptive?
Codecov Report
Merging #7682 (964c1b1) into master (5f4bcfe) will decrease coverage by
0.01%
. The diff coverage is96.77%
.
@@ Coverage Diff @@
## master #7682 +/- ##
==========================================
- Coverage 75.93% 75.91% -0.02%
==========================================
Files 659 659
Lines 185639 185657 +18
==========================================
- Hits 140958 140941 -17
- Misses 44681 44716 +35
Flag | Coverage Δ | |
---|---|---|
fuzzcorpus | 60.65% <33.33%> (-0.07%) |
:arrow_down: |
suricata-verify | 52.54% <78.57%> (+<0.01%) |
:arrow_up: |
unittests | 60.72% <87.09%> (+<0.01%) |
:arrow_up: |
Flags with carried forward coverage won't be shown. Click here to find out more.
Information: QA ran without warnings.
Pipeline 8465
Replaced by: https://github.com/OISF/suricata/pull/7723