From 0d676c7bf6494a77a078a8b6e0a2aec444428341 Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Tue, 30 Jan 2024 21:41:27 +0100
Subject: [PATCH] intrusion detection: behaviour change in suricata 7 [2]

---
 src/opnsense/service/templates/OPNsense/IDS/suricata.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml b/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml
index 2149e55c0..c75f0a165 100644
--- a/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml
+++ b/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml
@@ -1333,8 +1333,8 @@ stream:
   checksum-validation: yes      # reject wrong csums
   inline: {% if OPNsense.IDS.general.ips|default("0") == "1" %}true{% else %}auto{% endif %}
 
-  midstream:
-    midstream-policy: ignore
+  midstream-policy: ignore
+
   reassembly:
     memcap: 256mb
     depth: 1mb                  # reassemble 1mb into a stream