From mboxrd@z Thu Jan 1 00:00:00 1970 From: Stefan Schantl To: development@lists.ipfire.org Subject: Re: [PATCH 1/9] suricata: Set most significant bit as repeat marker Date: Tue, 19 Oct 2021 06:02:19 +0200 Message-ID: <62264b33d6583d30d33dd67703ac14397ba66b71.camel@ipfire.org> In-Reply-To: <20211018101022.15448-1-michael.tremer@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5715956147933744892==" List-Id: --===============5715956147933744892== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Tested-by: Stefan Schantl > I have no idea why some odd value was chosen here, but one bit should > be > enough. > > Signed-off-by: Michael Tremer > --- >  config/suricata/suricata.yaml   | 4 ++-- >  src/initscripts/system/suricata | 4 ++-- >  2 files changed, 4 insertions(+), 4 deletions(-) > > diff --git a/config/suricata/suricata.yaml > b/config/suricata/suricata.yaml > index 4e9e39967..1ce013dc7 100644 > --- a/config/suricata/suricata.yaml > +++ b/config/suricata/suricata.yaml > @@ -346,8 +346,8 @@ logging: >   >  nfq: >     mode: repeat > -   repeat-mark: 1879048192 > -   repeat-mask: 1879048192 > +   repeat-mark: 2147483648 > +   repeat-mask: 2147483648 >  #   bypass-mark: 1 >  #   bypass-mask: 1 >  #  route-queue: 2 > diff --git a/src/initscripts/system/suricata > b/src/initscripts/system/suricata > index 33633ddf9..e327225d7 100644 > --- a/src/initscripts/system/suricata > +++ b/src/initscripts/system/suricata > @@ -35,8 +35,8 @@ network_zones=( red green blue orange ovpn ) >  enabled_ips_zones=() >   >  # Mark and Mask options. > -MARK="0x70000000" > -MASK="0x70000000" > +MARK="0x80000000" > +MASK="0x80000000" >   >  # PID file of suricata. >  PID_FILE="/var/run/suricata.pid" --===============5715956147933744892==--