From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: Re: [PATCH 1/9] suricata: Set most significant bit as repeat marker Date: Mon, 18 Oct 2021 22:42:20 +0200 Message-ID: <0c968f0f-ea2f-800d-e3c3-c3942ada70f1@ipfire.org> In-Reply-To: <20211018101022.15448-1-michael.tremer@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3903618295561418881==" List-Id: --===============3903618295561418881== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Reviewed-by: Peter M=C3=BCller > I have no idea why some odd value was chosen here, but one bit should be > enough. >=20 > Signed-off-by: Michael Tremer > --- > config/suricata/suricata.yaml | 4 ++-- > src/initscripts/system/suricata | 4 ++-- > 2 files changed, 4 insertions(+), 4 deletions(-) >=20 > diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml > index 4e9e39967..1ce013dc7 100644 > --- a/config/suricata/suricata.yaml > +++ b/config/suricata/suricata.yaml > @@ -346,8 +346,8 @@ logging: > =20 > nfq: > mode: repeat > - repeat-mark: 1879048192 > - repeat-mask: 1879048192 > + repeat-mark: 2147483648 > + repeat-mask: 2147483648 > # bypass-mark: 1 > # bypass-mask: 1 > # route-queue: 2 > diff --git a/src/initscripts/system/suricata b/src/initscripts/system/suric= ata > index 33633ddf9..e327225d7 100644 > --- a/src/initscripts/system/suricata > +++ b/src/initscripts/system/suricata > @@ -35,8 +35,8 @@ network_zones=3D( red green blue orange ovpn ) > enabled_ips_zones=3D() > =20 > # Mark and Mask options. > -MARK=3D"0x70000000" > -MASK=3D"0x70000000" > +MARK=3D"0x80000000" > +MASK=3D"0x80000000" > =20 > # PID file of suricata. > PID_FILE=3D"/var/run/suricata.pid" >=20 --===============3903618295561418881==--