Snort mailing list archives

pass rule not working


From: Bill Essig <billessig () gmail com>
Date: Sat, 11 Feb 2006 23:00:10 -0800

Yes, I read the FAQ. I hope none of you have to drink too much after my
question.
I have the following in my snort.conf file:

--
pass tcp 192.168.1.100 any -> 192.168.1.99 80
--

So, I just decide to ask for /usr/bin/cc in my URL:
http://192.168.1.99/index.php?arg=/usr/bin/cc
I thought due to my rule, this would not be logged or alerted. (fast alerts)
So I cat my alert log, and get:

--
02/11-22:53:13.287208  [**] [1:1343:5] WEB-ATTACKS /usr/bin/cc command attempt [**] [Classification: Web Application Attack] [Priority: 1] {TCP} 192.168.1.100:2123 -> 192.168.1.99:80
--

It was my understanding that this was not to show up. Any clues?

~William
