Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

detect: introduce "like" ip-only signature type - v2 #7466

Closed
wants to merge 1 commit into from
Closed

detect: introduce "like" ip-only signature type - v2 #7466

wants to merge 1 commit into from

Conversation

jasonish
Copy link
Member

@jasonish jasonish commented Jun 2, 2022

Rules that look like they should be IP-only but contain a negated rule
address are now marked with an LIKE_IPONLY flag. This is so they are
treated like IPONLY rules with respect to flow action, but don't
interfere with other IPONLY processing like using the radix tree.

Ticket: https://redmine.openinfosecfoundation.org/issues/5361

Previous PR:

Changes from last PR:

  • Rebase
  • Attempt to make cocci happy, but still unsuccessful.

suricata-verify-pr: 824

@jasonish
detect: introduce "like" ip-only signature type
710d6ad 
Rules that look like they should be IP-only but contain a negated rule
address are now marked with an LIKE_IPONLY flag. This is so they are
treated like IPONLY rules with respect to flow action, but don't
interfere with other IPONLY processing like using the radix tree.

Ticket: OISF#5361
@jasonish jasonish requested a review from a team as a code owner June 2, 2022 01:44
@jasonish jasonish mentioned this pull request Jun 2, 2022
Closed
@codecov
Copy link

codecov bot commented Jun 2, 2022

Codecov Report

Merging #7466 (710d6ad) into master (ebf0629) will increase coverage by 0.01%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##           master    #7466      +/-   ##
==========================================
+ Coverage   75.85%   75.87%   +0.01%     
==========================================
  Files         657      657              
  Lines      189465   189469       +4     
==========================================
+ Hits       143713   143753      +40     
+ Misses      45752    45716      -36
Flag Coverage Δ
fuzzcorpus 60.51% <100.00%> (+0.08%) ⬆️
suricata-verify 52.02% <100.00%> (-0.02%) ⬇️
unittests 60.89% <100.00%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

@victorjulien
Copy link
Member

"Attempt to make cocci happy, but still unsuccessful." -> it passed actually, the failure was in MacOS but was a flaky test

@suricata-qa
Copy link

ERROR:

ERROR: QA failed on tlpw1_files_sha256.

ERROR: QA failed on tlpr1_alerts_cmp.

Pipeline 7639

@victorjulien victorjulien mentioned this pull request Jun 2, 2022
Merged
@victorjulien
Copy link
Member

Merged in #7467, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@victorjulien victorjulien victorjulien approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
3 participants
@jasonish @victorjulien @suricata-qa