[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.1beta1-77-g7cdc570
OISF Git
noreply at openinfosecfoundation.org
Mon Sep 22 16:19:26 UTC 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
via 7cdc57060b6b16417c45468682158ded6b47a091 (commit)
via 1e36053eca47c56bc8fc47287a09de3a49bbb507 (commit)
from 02529b13a8cb7cc5b33669e010f65b1f3216eb39 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 7cdc57060b6b16417c45468682158ded6b47a091
Author: Victor Julien <victor at inliniac.net>
Date: Mon Sep 22 17:33:40 2014 +0200

    af-packet: check pointers before use

commit 1e36053eca47c56bc8fc47287a09de3a49bbb507
Author: Eric Leblond <eric at regit.org>
Date: Fri Sep 19 16:54:00 2014 +0200

    af-packet: force suricata in IPS mode when needed

    AF_PACKET is not setting the engine mode to IPS when some
    interfaces are peered and use IPS mode. This is due to the
    fact that it is possible to peer 2 interfaces and run an IPS on
    them and have a third one that is running in normal IDS mode.

    In fact this choice is the bad one, as an unwanted side effect is
    that there is no drop log and that stream inline is not used.

    To fix that, this patch puts suricata in IPS mode as soon as
    there are two interfaces in IPS mode. And it displays an error
    message to warn the user that the accuracy of detection on IDS only
    interfaces will be low.
-----------------------------------------------------------------------
Summary of changes:
src/runmode-af-packet.c | 78 +++++++++++++++++++++++++++++++++++++++++++++++
src/runmode-af-packet.h | 1 +
src/suricata.c | 4 +++
3 files changed, 83 insertions(+)
hooks/post-receive
--
OISF