From mboxrd@z Thu Jan 1 00:00:00 1970 From: Stefan Schantl To: development@lists.ipfire.org Subject: Re: [PATCH 3/9] suricata: Define bypass mark Date: Tue, 19 Oct 2021 06:03:20 +0200 Message-ID: <5fa81bb91fbc4b7e044723bb783a7f4e96fe391f.camel@ipfire.org> In-Reply-To: <20211018101022.15448-3-michael.tremer@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7769640884842769202==" List-Id: --===============7769640884842769202== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Tested-by: Stefan Schantl > Signed-off-by: Michael Tremer > --- >  config/suricata/suricata.yaml   | 4 ++-- >  src/initscripts/system/suricata | 2 ++ >  2 files changed, 4 insertions(+), 2 deletions(-) > > diff --git a/config/suricata/suricata.yaml > b/config/suricata/suricata.yaml > index 1ce013dc7..f02b93d76 100644 > --- a/config/suricata/suricata.yaml > +++ b/config/suricata/suricata.yaml > @@ -348,8 +348,8 @@ nfq: >     mode: repeat >     repeat-mark: 2147483648 >     repeat-mask: 2147483648 > -#   bypass-mark: 1 > -#   bypass-mask: 1 > +   bypass-mark: 1073741824 > +   bypass-mask: 1073741824 >  #  route-queue: 2 >  #  batchcount: 20 >     fail-open: yes > diff --git a/src/initscripts/system/suricata > b/src/initscripts/system/suricata > index 111bd9df3..981471c7c 100644 > --- a/src/initscripts/system/suricata > +++ b/src/initscripts/system/suricata > @@ -37,6 +37,8 @@ enabled_ips_zones=() >  # Mark and Mask options. >  REPEAT_MARK="0x80000000" >  REPEAT_MASK="0x80000000" > +BYPASS_MARK="0x40000000" > +BYPASS_MASK="0x40000000" >   >  # PID file of suricata. >  PID_FILE="/var/run/suricata.pid" --===============7769640884842769202==--