webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-26 02:42:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
8b981e4d76fcb9d380ae1cbd4c9eeec1726e593e
bpfire/config/suricata
History
Michael Tremer 69031f7674 suricata: Disable fail-open on NFQUEUE 
This change causes that if suricata crashes, the NFQUEUE will no longer
fall into a mode where ALL packets are being accepted. This used the be
the case before which opened the entire firewall.

If suricata randomly crashes, we will fall back to the "bypass" mode
where packets will bypass suricata, but nothing else.

Fixes: #13642
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
2024-04-05 12:48:16 +01:00
..
convert-ids-backend-files
convert-ids-backend-files: Wait until suricata has stopped sucessfully.
2022-04-25 20:12:19 +02:00
convert-ids-modifysids-file
convert-ids-modifysids-file: Fix check if the ids is running.
2019-06-10 09:46:00 +01:00
convert-ids-multiple-providers
convert-ids-multiple-providers: Set correct ownership for default rules
2022-01-08 16:16:47 +01:00
convert-snort
convert-snort: Adjust converter to work with new IDS.
2021-12-19 13:23:44 +01:00
ruleset-sources
ruleset-sources: Restore generic details about recently dropped providers
2024-03-22 15:18:41 +00:00
suricata.yaml
suricata: Disable fail-open on NFQUEUE
2024-04-05 12:48:16 +01:00