mirror of
https://github.com/falcosecurity/falco.git
synced 2025-10-21 11:29:26 +00:00
6be4830342
* Improve compatibility with falco 0.9.0 Temporarily remove some rules features that are not compatible with falco 0.9.0. We'll release a new falco soon, after which we'll add these rules features back. * Disable the unexpected udp traffic rule by default Some applications will connect a udp socket to an address only to test connectivity. Assuming the udp connect works, they will follow up with a tcp connect that actually sends/receives data. This occurs often enough that we don't want to update the Unexpected UDP Traffic rule by default, so add a macro do_unexpected_udp_check which is set to never_true. To opt-in, override the macro to use the condition always_true.