From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: Re: [PATCH 3/9] suricata: Define bypass mark Date: Mon, 18 Oct 2021 22:43:20 +0200 Message-ID: <9d5c2c25-9f3b-0987-ef9b-4a930e4466cb@ipfire.org> In-Reply-To: <20211018101022.15448-3-michael.tremer@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3749594836737295856==" List-Id: --===============3749594836737295856== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Reviewed-by: Peter M=C3=BCller > Signed-off-by: Michael Tremer > --- > config/suricata/suricata.yaml | 4 ++-- > src/initscripts/system/suricata | 2 ++ > 2 files changed, 4 insertions(+), 2 deletions(-) >=20 > diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml > index 1ce013dc7..f02b93d76 100644 > --- a/config/suricata/suricata.yaml > +++ b/config/suricata/suricata.yaml > @@ -348,8 +348,8 @@ nfq: > mode: repeat > repeat-mark: 2147483648 > repeat-mask: 2147483648 > -# bypass-mark: 1 > -# bypass-mask: 1 > + bypass-mark: 1073741824 > + bypass-mask: 1073741824 > # route-queue: 2 > # batchcount: 20 > fail-open: yes > diff --git a/src/initscripts/system/suricata b/src/initscripts/system/suric= ata > index 111bd9df3..981471c7c 100644 > --- a/src/initscripts/system/suricata > +++ b/src/initscripts/system/suricata > @@ -37,6 +37,8 @@ enabled_ips_zones=3D() > # Mark and Mask options. > REPEAT_MARK=3D"0x80000000" > REPEAT_MASK=3D"0x80000000" > +BYPASS_MARK=3D"0x40000000" > +BYPASS_MASK=3D"0x40000000" > =20 > # PID file of suricata. > PID_FILE=3D"/var/run/suricata.pid" >=20 --===============3749594836737295856==--