doc/userguide: fix default policies for pre_* hooks

Minor other cleanups.
pull/15475/head
Victor Julien 2 months ago
parent da6af0879e
commit ac59883c26

@ -48,11 +48,11 @@ Rules categorized in the following tables apply to all packets.
+-----------------------+--------------------------------------------------------------------+----------------+--------------------------------+
| Table | Description | Default Policy | Rule Order |
+=======================+====================================================================+================+================================+
| ``packet:pre_flow`` | Firewall rules to be evaluated before flow is created/updated | ``drop:packet``| As appears in the rule file |
| ``packet:pre_flow`` | Firewall rules to be evaluated before flow is created/updated | ``accept:hook``| As appears in the rule file |
+-----------------------+--------------------------------------------------------------------+----------------+--------------------------------+
| ``packet:pre_stream`` | Firewall rules to be evaluated before stream is updated | ``drop:packet``| As appears in the rule file |
| ``packet:pre_stream`` | Firewall rules to be evaluated before stream is updated | ``accept:hook``| As appears in the rule file |
+-----------------------+--------------------------------------------------------------------+----------------+--------------------------------+
| ``packet:filter`` | Firewall rules to be evaluated against every packet after decoding | ``drop:packet``| As appears in the rule file |
| ``packet:filter`` | Firewall rules to be evaluated against every packet after decoding | ``drop:packet``| As appears in the rule file |
+-----------------------+--------------------------------------------------------------------+----------------+--------------------------------+
| ``packet:td`` | Generic IDS/IPS threat detection rules | ``accept:hook``| Internal IDS/IPS rule ordering |
+-----------------------+--------------------------------------------------------------------+----------------+--------------------------------+
@ -70,9 +70,9 @@ application layer are per app layer protocol and per protocol state. e.g. ``http
+----------------+--------------------------------------------------------------------------+----------------+--------------------------------+
| Table | Description | Default Policy | Rule Order |
+================+==========================================================================+================+================================+
| ``app:filter`` | Firewall rules to be evaluated per applayer protocol and state | ``drop:flow`` | As appears in the rule file |
| ``app:filter`` | Firewall rules to be evaluated per applayer protocol and state | ``drop:flow`` | As appears in the rule file |
+----------------+--------------------------------------------------------------------------+----------------+--------------------------------+
| ``app:td`` | Generic IDS/IPS threat detection rules | ``accept:hook``| Internal IDS/IPS rule ordering |
| ``app:td`` | App-layer IDS/IPS threat detection rules | ``accept:hook``| Internal IDS/IPS rule ordering |
+----------------+--------------------------------------------------------------------------+----------------+--------------------------------+

Loading…
Cancel
Save