webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-18 23:12:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

suricata: Add option to scan WireGuard

Browse Source 
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Michael Tremer
2024-09-10 10:50:15 +02:00
parent 72d501f923
commit 1b7d1abdf0
5 changed files with 21 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/initscripts/networking/functions.network
View File

@@ -92,9 +92,15 @@ network_get_intf() {
fi
;;
WIREGUARD|WG)
echo "wg+"
return 0
;;
OPENVPN|OVPN)
# OpenVPN is using all tun devices
echo "tun+"
return 0
;;
esac

2
src/initscripts/system/suricata
View File

@@ -41,7 +41,7 @@ IPS_SCAN_MARK="0x10000000"
IPS_SCAN_MASK="0x10000000"
# Supported network zones
NETWORK_ZONES=( "RED" "GREEN" "ORANGE" "BLUE" "OVPN" )
NETWORK_ZONES=( "RED" "GREEN" "ORANGE" "BLUE" "WG" "OVPN" )
# Optional options for the Netfilter queue.
NFQ_OPTS=(