From da9dc17f255f8d45c8f2c436994a50b8eee1a1be Mon Sep 17 00:00:00 2001
From: Matteo Biscosi <49585191+MatteoBiscosi@users.noreply.github.com>
Date: Thu, 28 Jan 2021 23:34:46 +0100
Subject: [PATCH] Fixed remote to local alert wrong parameter

---
 .../user_scripts/flow/remote_to_local_insecure_proto.lua  | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/scripts/plugins/alerts/security/remote_to_local_insecure_proto/user_scripts/flow/remote_to_local_insecure_proto.lua b/scripts/plugins/alerts/security/remote_to_local_insecure_proto/user_scripts/flow/remote_to_local_insecure_proto.lua
index 0d4f75656a..7914d43365 100644
--- a/scripts/plugins/alerts/security/remote_to_local_insecure_proto/user_scripts/flow/remote_to_local_insecure_proto.lua
+++ b/scripts/plugins/alerts/security/remote_to_local_insecure_proto/user_scripts/flow/remote_to_local_insecure_proto.lua
@@ -33,7 +33,7 @@ local script = {
 
 -- #################################################################
 
-function script.hooks.protocolDetected(params)
+function script.hooks.protocolDetected(now, conf)
    -- Is Remote to Local?
    if flow.isRemoteToLocal() then
       local flow_info = flow.getInfo()
@@ -80,11 +80,7 @@ function script.hooks.protocolDetected(params)
             breed_or_category
          )
 
-         if cli_score >= (flow_consts.max_score // 2) then
-            alert:set_severity(params.user_script_config.severity)
-         else
-            alert:set_severity(params.user_script_config.severity)
-         end
+         alert:set_severity(conf.severity)
 
          alert:trigger_status(cli_score, srv_score, flow_score)
       end