intrusion detection: behaviour change in suricata 7

opnsense · Jan 30, 2024 · f5ae0c8 · f5ae0c8
1 parent 890ca64
commit f5ae0c8
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml b/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml
@@ -1333,6 +1333,8 @@ stream:
  checksum-validation: yes # reject wrong csums
  inline: {% if OPNsense.IDS.general.ips|default("0") == "1" %}true{% else %}auto{% endif %}
 
+ midstream:
+ midstream-policy: ignore
  reassembly:
  memcap: 256mb
  depth: 1mb # reassemble 1mb into a stream