detect/firewall: minor code cleanup

Victor Julien 2026-05-22 15:04:10 +02:00
parent 417a45d7e5
commit e724d88301


@ -1782,6 +1782,9 @@ static enum DetectTxFirewallFlowControl DetectRunTxPreCheckFirewallPolicy(
const Signature *s, const uint32_t can_idx, struct DetectFirewallAppTxState *fw_state,
const bool last_tx)
{
if ((s->flags & SIG_FLAG_FIREWALL) != 0 && fw_state->fw_skip_app_filter) {
return DETECT_TX_FW_FC_SKIP;
}
if (p->flow->flags & FLOW_ACTION_ACCEPT) {
if (fw_state->tx_fw_verdict == false) {
fw_state->tx_fw_verdict = true;
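Review bot: The new early return at the top of DetectRunTxPreCheckFirewallPolicy has no comment saying that its position matters: it returns before the `FLOW_ACTION_ACCEPT` branch below can set `fw_state->tx_fw_verdict`, so a skipped firewall rule leaves the verdict state untouched. I would add `/* must stay first: skip firewall rules before any verdict state is updated */` above the `if`, so a later reorder does not let a skipped rule record a verdict. The old code used `continue` in DetectRunTx, so this is only equivalent if the caller treats `DETECT_TX_FW_FC_SKIP` as a plain continue with no other side effects. That handling is outside the visible hunks and is worth confirming. The function body continues past the end of this hunk.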
@ -2271,9 +2274,6 @@ static void DetectRunTx(ThreadVars *tv,
tx.detect_progress, tx.detect_progress_orig, s->app_progress_hook);
if (have_fw_rules) {
if ((s->flags & SIG_FLAG_FIREWALL) != 0 && fw_state.fw_skip_app_filter) {
continue;
}
const enum DetectTxFirewallFlowControl fw_r = DetectRunTxPreCheckFirewallPolicy(
det_ctx, p, &tx, flow_flags & (STREAM_TOSERVER | STREAM_TOCLIENT), s, i,
&fw_state, last_tx);