mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-10 19:15:54 +02:00
bbb6efae56
This commit adds the required backend code to allow switching between IDS and IPS mode of suricata. Technically the behaviour of suricata is specified by the rules - each of them can contain the action "alert" or "drop" (There are more actions supported but these two are currently the important one) When running in IDS mode, the ruleset does not need to be touched, because the default action is "alert". When switching to IPS mode, the CGI writes a single line to "oinkmaster-modify-sids.conf" which is included by oinkmaster and modify the action for each single rule from alert to drop. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>