From d14f7b1125f3d4d991513a238e05494def3a4d96 Mon Sep 17 00:00:00 2001 From: Juliana Fajardini Date: Thu, 18 Jan 2024 17:24:33 -0300 Subject: [PATCH] userguide: clarify midstream exception policy The description of behavior when midstream is enabled and exception policy is set to ignore wasn't descriptive enough. Fix typos. --- doc/userguide/configuration/exception-policies.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/userguide/configuration/exception-policies.rst b/doc/userguide/configuration/exception-policies.rst index 5944f529428a..aae2acff5d46 100644 --- a/doc/userguide/configuration/exception-policies.rst +++ b/doc/userguide/configuration/exception-policies.rst @@ -46,7 +46,7 @@ Auto '''' **In IPS mode**, the default behavior for most of the exception policies is to -fail close. This means droping the flow, or the packet, when the flow action is +fail close. This means dropping the flow, or the packet, when the flow action is not supported. The default policy for the midstream exception will be ignore if midstream flows are accepted. @@ -131,7 +131,7 @@ midstream pick-ups enabled or not and the various exception policy values: - Midstream pick-up sessions ENABLED (stream.midstream=true) - Midstream pick-up sessions DISABLED (stream.midstream=false) * - Ignore - - Session tracket and parsed. + - Session tracked and parsed, inspect and log app-layer traffic, do detection. - Session not tracked. No app-layer inspection or logging. No detection. No stream reassembly. * - Drop-flow - Not valid.* @@ -169,7 +169,7 @@ whole flow. - Midstream pick-up sessions ENABLED (stream.midstream=true) - Midstream pick-up sessions DISABLED (stream.midstream=false) * - Ignore - - Session tracket and parsed. + - Session tracked and parsed, inspect and log app-layer traffic, do detection. - Session not tracked. No app-layer inspection or logging. No detection. No stream reassembly. * - Drop-flow - Not valid.*