exceptions: fix 'auto' for master switch in IDS

If the master exception policy was set to 'auto' in IDS mode, instead of
just setting the master switch to the default in this case, which is
'ignore', the engine would switch a warning saying that auto wasn't a
valid config and then set the policy to ignore.

This makes 'auto' work for the master switch in IDS, removes function
for setting IPS option and handles the valid IDS options directly from
the function that parses the master policy, as this was the only place
where the function was still called.

Bug OISF#6149

src/util-exception-policy.c

@@ -114,16 +114,6 @@ void ExceptionPolicyApply(Packet *p, enum ExceptionPolicy policy, enum PacketDro
     SCLogDebug("end");
 }
 
-static enum ExceptionPolicy SetIPSOption(
-        const char *option, const char *value_str, enum ExceptionPolicy p)
-{
-    if (!EngineModeIsIPS()) {
-        SCLogWarning("%s: %s not a valid config in IDS mode. Ignoring it.", option, value_str);
-        return EXCEPTION_POLICY_NOT_SET;
-    }
-    return p;
-}
-
 static enum ExceptionPolicy PickPacketAction(const char *option, enum ExceptionPolicy p)
 {
     switch (p) {
@@ -200,10 +190,15 @@ static enum ExceptionPolicy ExceptionPolicyPickAuto(bool midstream_enabled, bool
 static enum ExceptionPolicy ExceptionPolicyMasterParse(const char *value)
 {
     enum ExceptionPolicy policy = ExceptionPolicyConfigValueParse("exception-policy", value);
-    policy = SetIPSOption("exception-policy", value, policy);
+    if (policy == EXCEPTION_POLICY_AUTO) {
+        policy = ExceptionPolicyPickAuto(false, true);
+    } else if (!EngineModeIsIPS() &&
+               (policy == EXCEPTION_POLICY_DROP_PACKET || policy == EXCEPTION_POLICY_DROP_FLOW)) {
+        policy = EXCEPTION_POLICY_NOT_SET;
+    }
     g_eps_have_exception_policy = true;
 
-    SCLogInfo("exception-policy set to: %s", ExceptionPolicyEnumToString(policy));
+    SCLogInfo("master exception-policy set to: %s", ExceptionPolicyEnumToString(policy));
 
     return policy;
 }