From mboxrd@z Thu Jan 1 00:00:00 1970 From: Stefan Schantl To: development@lists.ipfire.org Subject: [PATCHv2] suricata: Use device ppp0 if PPPoE dialin is used. Date: Tue, 23 Apr 2019 21:27:53 +0200 Message-ID: <20190423192753.5524-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0163192913256328504==" List-Id: --===============0163192913256328504== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Fixes #12058. Signed-off-by: Stefan Schantl --- src/initscripts/system/suricata | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/src/initscripts/system/suricata b/src/initscripts/system/suricata index 16548753e..ecd693054 100644 --- a/src/initscripts/system/suricata +++ b/src/initscripts/system/suricata @@ -18,6 +18,7 @@ PATH=3D/usr/local/sbin:/usr/local/bin:/bin:/usr/bin:/sbin:/usr/sbin; export = PATH =20 eval $(/usr/local/bin/readhash /var/ipfire/suricata/settings) +eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) =20 # Name of the firewall chain. FW_CHAIN=3D"IPS" @@ -65,9 +66,18 @@ function generate_fw_rules { =20 # Check if the IDS is enabled for this network zone. if [ "${!enable_ids_zone}" =3D=3D "on" ]; then - # Generate name of the network interface. - network_device=3D$zone - network_device+=3D"0" + # Check if the current processed zone is "red" and the configured type is= PPPoE dialin. + if [ "$zone" =3D=3D "red" ] && [ "$RED_TYPE" =3D=3D "PPPOE" ]; then + # Set device name to ppp0. + network_device=3D"ppp0" + else + # Generate variable name which contains the device name. + zone_name=3D"$zone_upper" + zone_name+=3D"_DEV" + + # Grab device name. + network_device=3D${!zone_name} + fi =20 # Assign NFQ_OPTS NFQ_OPTIONS=3D$NFQ_OPTS --=20 2.20.1 --===============0163192913256328504==--