webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-28 11:43:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

suricata: Always count the whitelisted packets

Browse Source 
Even if there are no rules, if this does not exist, collectd will be
unhappy and we cannot generate the graph.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Michael Tremer
2024-09-21 12:39:32 +02:00
parent 4efa4c4b71
commit 6826eed0a4
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/initscripts/system/suricata
View File

@@ -129,13 +129,13 @@ generate_fw_rules() {
iptables -w -t mangle -A IPS -s "${network}" -j MARK --set-mark "$(( IPS_WHITELISTED_MARK ))/$(( IPS_WHITELISTED_MASK ))" iptables -w -t mangle -A IPS -s "${network}" -j MARK --set-mark "$(( IPS_WHITELISTED_MARK ))/$(( IPS_WHITELISTED_MASK ))"
iptables -w -t mangle -A IPS -d "${network}" -j MARK --set-mark "$(( IPS_WHITELISTED_MARK ))/$(( IPS_WHITELISTED_MASK ))" iptables -w -t mangle -A IPS -d "${network}" -j MARK --set-mark "$(( IPS_WHITELISTED_MARK ))/$(( IPS_WHITELISTED_MASK ))"
done < "/var/ipfire/suricata/ignored" done < "/var/ipfire/suricata/ignored"
# Count and skip the whitelisted packets
iptables -w -t mangle -A IPS \
-m comment --comment "WHITELISTED" \
-m mark --mark "$(( IPS_WHITELISTED_MARK ))/$(( IPS_WHITELISTED_MASK ))" -j RETURN
fi fi
# Count and skip the whitelisted packets
iptables -w -t mangle -A IPS \
-m comment --comment "WHITELISTED" \
-m mark --mark "$(( IPS_WHITELISTED_MARK ))/$(( IPS_WHITELISTED_MASK ))" -j RETURN
# Send packets to suricata # Send packets to suricata
iptables -w -t mangle -A IPS -m comment --comment "SCANNED" -j NFQUEUE "${NFQ_OPTIONS[@]}" iptables -w -t mangle -A IPS -m comment --comment "SCANNED" -j NFQUEUE "${NFQ_OPTIONS[@]}"