git.ipfire.org Git - people/ms/suricata.git/commit

]> git.ipfire.org Git - people/ms/suricata.git/commit - src/util-device.c

projects / people / ms / suricata.git / commit

author	Victor Julien <victor@inliniac.net>
	Wed, 31 May 2017 07:33:16 +0000 (09:33 +0200)
committer	Victor Julien <victor@inliniac.net>
	Tue, 7 Aug 2018 09:10:17 +0000 (11:10 +0200)
commit	12fec46d13062ee2c562ffcad372ed2b259e9782
tree	7f123ca2f26d181d69e9effafa7b390475c4796a	tree \| snapshot
parent	a337908c789f5cd4cd9d3c3d3de7ea1ed5b96919	commit \| diff

multi-tenant: introduce device selector

Add device to tenant mapping support:

  mappings:
  - device: ens5f0
    tenant-id: 1
  - device: ens5f1
    tenant-id: 23

Implemented by assigning the tenant id to the 'livedev', which means
it's only supported for capture methods that use the livedev API.

It's also currently not supported for IPS. In a case like 'eth0 -> eth1'
it's unclear which tenant should be used for the return traffic in a
flow, where the incoming device is 'eth1'.

src/detect-engine.c		diff \| blob \| blame \| history
src/detect-engine.h		diff \| blob \| blame \| history
src/detect.h		diff \| blob \| blame \| history
src/util-device.c		diff \| blob \| blame \| history
src/util-device.h		diff \| blob \| blame \| history

Michael's tree of suricata

RSS Atom