suricata
suricata copied to clipboard
Published
20 hours ago •
OISF
OISF
detect/alert: ensure reject action is applied to packet/flow - v2
Previous PR: #7661
Link to redmine ticket: https://redmine.openinfosecfoundation.org/issues/5458
Changes from last PR:
- Added two unittests to check for correct packet-action flags after signature matching
Thoughts:
- should more unittests be added?
- Many places call PacketDrop in contexts where we don't have a rule nor is it clear what action resulted in the drop. I passed ACTION_DROP in all those cases. Wondering if we should have something more specific/descriptive?
Codecov Report
Merging #7682 (964c1b1) into master (5f4bcfe) will decrease coverage by
0.01%. The diff coverage is96.77%.
@@ Coverage Diff @@
## master #7682 +/- ##
==========================================
- Coverage 75.93% 75.91% -0.02%
==========================================
Files 659 659
Lines 185639 185657 +18
==========================================
- Hits 140958 140941 -17
- Misses 44681 44716 +35
| Flag | Coverage Δ | |
|---|---|---|
| fuzzcorpus | 60.65% <33.33%> (-0.07%) |
:arrow_down: |
| suricata-verify | 52.54% <78.57%> (+<0.01%) |
:arrow_up: |
| unittests | 60.72% <87.09%> (+<0.01%) |
:arrow_up: |
Flags with carried forward coverage won't be shown. Click here to find out more.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
