From 95d5eaa16b2ed65fbc7f44f8a29d154fab7745d0 Mon Sep 17 00:00:00 2001
From: Victor Julien
Date: Fri, 28 Feb 2025 06:48:30 +0100
Subject: [PATCH] SQUASH WIP fw rules
---
 src/detect-engine-sigorder.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/detect-engine-sigorder.c b/src/detect-engine-sigorder.c
index ec620fc0d566..2173508b933c 100644
--- a/src/detect-engine-sigorder.c
+++ b/src/detect-engine-sigorder.c
@@ -784,8 +784,6 @@ void SCSigOrderSignatures(DetectEngineCtx *de_ctx)
 Signature *sig = de_ctx->sig_list;
 while (sig != NULL) {
- SCLogNotice("sig %u", sig->id);
-
 sigw = SCSigAllocSignatureWrapper(sig);
 if (sig->init_data->firewall_rule) {
 /* Push signature wrapper onto a list, order doesn't matter here. */
@@ -802,6 +800,9 @@ void SCSigOrderSignatures(DetectEngineCtx *de_ctx)
 #endif
 }
+ /* despite having Append in the name, the new Sig/Rule funcs actually prepend with some special
+ * logic around bidir sigs. So to respect the firewall rule order, we sort this part of the list
+ * by the add order. */
 SCSigOrderFunc OrderFn = { .SWCompare = SCSigOrderByIIdCompare, .next = NULL };
 fw_sigw_list = SCSigOrder(fw_sigw_list, &OrderFn);
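Review bot: The comment added above `SCSigOrderFunc OrderFn` in the second hunk says the firewall list is sorted "by the add order", but the comparator it documents is `SCSigOrderByIIdCompare`, and nothing visible here ties that key to the order in which rules were loaded. For firewall rules the evaluation order decides the verdict, so the comment should name the sort key and the assumption it rests on, for example `/* sort on the key used by SCSigOrderByIIdCompare; this assumes that key increases in rule-load order, also for both halves of a bidir sig */`. Whether the assumption holds cannot be checked from this patch, because the comparator, the id assignment and the rest of SCSigOrderSignatures are outside the hunk. The context comment "order doesn't matter here" in the first hunk is only true because of this later sort, which would be worth saying at that spot as well.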