[Oisf-users] "queue-bypass" patch for centos/rhel 6.2
kay
kay.diam at gmail.com
Wed Jul 25 09:34:16 UTC 2012
I've just backported must have functionality for NFQUEUE. Wish someone
review it.
The origin patches I used:
https://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commit;h=6924b4987d88fbe383bec4da4cf331cc466c245e
https://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commit;h=3c461ceeed5f55599930051f6feaec014b08f730
http://thread.gmane.org/gmane.linux.network/184302/focus=184239 (patches 72-75)
Now if suricata works in IPS mode and crashed - traffic should not be dropped.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: iptables-1.4.7-queue_bypass.patch
Type: application/octet-stream
Size: 4772 bytes
Desc: not available
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20120725/2b582e86/attachment-0008.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: iptables.spec.diff
Type: application/octet-stream
Size: 627 bytes
Desc: not available
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20120725/2b582e86/attachment-0009.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kernel.spec.diff
Type: application/octet-stream
Size: 655 bytes
Desc: not available
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20120725/2b582e86/attachment-0010.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: linux-kernel-queue_bypass.patch
Type: application/octet-stream
Size: 11083 bytes
Desc: not available
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20120725/2b582e86/attachment-0011.obj>
More information about the Oisf-users
mailing list