[4/4] suricata: Set midstream-policy to pass-packet

Message ID 20240405192640.5215-4-stefan.schantl@ipfire.org
State Accepted
Commit 76a451809154ae1aa338e2ec38b820283a68b788
Series [1/4] suricata: Update suricata.yaml |

Commit Message

Stefan Schantl April 5, 2024, 7:26 p.m. UTC
  Set this value to the same as the exception-policy to keep in sync and
hopefully have the same behaviour. In case this option is not set an
ugly message about a not correctly set value will be logged to syslog
during startup.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
 config/suricata/suricata.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index 9c8107429..b8f99c8b5 100644
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -1117,7 +1117,7 @@  stream:
   #memcap-policy: ignore
   checksum-validation: yes      # reject incorrect csums
   #midstream: false
-  #midstream-policy: ignore
+  midstream-policy: pass-packet
   inline: auto                  # auto will use inline mode in IPS mode, yes or no set it statically
   bypass: yes                   # Bypass packets when stream.reassembly.depth is reached.