suricata: Define bypass mark

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Tested-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

config/suricata/suricata.yaml

@@ -348,8 +348,8 @@ nfq:
    mode: repeat
    repeat-mark: 2147483648
    repeat-mask: 2147483648
-#   bypass-mark: 1
+   bypass-mark: 1073741824
-#   bypass-mask: 1
+   bypass-mask: 1073741824
 #  route-queue: 2
 #  batchcount: 20
    fail-open: yes

src/initscripts/system/suricata

@@ -37,6 +37,8 @@ enabled_ips_zones=()
 # Mark and Mask options.
 REPEAT_MARK="0x80000000"
 REPEAT_MASK="0x80000000"
+BYPASS_MARK="0x40000000"
+BYPASS_MASK="0x40000000"
 
 # PID file of suricata.
 PID_FILE="/var/run/suricata.pid"