[Oisf-users] "queue-bypass" patch for centos/rhel 6.2
kay
kay.diam at gmail.com
Wed Jul 25 05:34:16 EDT 2012
I've just backported must have functionality for NFQUEUE. Wish someone
review it.
The origin patches I used:
https://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commit;h=6924b4987d88fbe383bec4da4cf331cc466c245e
https://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commit;h=3c461ceeed5f55599930051f6feaec014b08f730
http://thread.gmane.org/gmane.linux.network/184302/focus=184239 (patches 72-75)
Now if suricata works in IPS mode and crashed - traffic should not be dropped.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: iptables-1.4.7-queue_bypass.patch
Type: application/octet-stream
Size: 4771 bytes
Desc: not available
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20120725/2b582e86/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: iptables.spec.diff
Type: application/octet-stream
Size: 626 bytes
Desc: not available
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20120725/2b582e86/attachment-0001.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kernel.spec.diff
Type: application/octet-stream
Size: 654 bytes
Desc: not available
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20120725/2b582e86/attachment-0002.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: linux-kernel-queue_bypass.patch
Type: application/octet-stream
Size: 11082 bytes
Desc: not available
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20120725/2b582e86/attachment-0003.obj>
More information about the Oisf-users
mailing list