suricata: Set most significant bit as repeat marker

I have no idea why some odd value was chosen here, but one bit should be
enough.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
Tested-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index 4e9e399675551c8a5bfd81568da622b2f3767576..1ce013dc7ca10066b7613c828852fbc79081572a 100644 (file)
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -346,8 +346,8 @@ logging:
 
 nfq:
    mode: repeat
-   repeat-mark: 1879048192
-   repeat-mask: 1879048192
+   repeat-mark: 2147483648
+   repeat-mask: 2147483648
 #   bypass-mark: 1
 #   bypass-mask: 1
 #  route-queue: 2

diff --git a/src/initscripts/system/suricata b/src/initscripts/system/suricata
index 33633ddf943cd8af0aa42484310352674f834ac0..e327225d7aa8e7604300535ee202e7809f785db4 100644 (file)
--- a/src/initscripts/system/suricata
+++ b/src/initscripts/system/suricata
@@ -35,8 +35,8 @@ network_zones=( red green blue orange ovpn )
 enabled_ips_zones=()
 
 # Mark and Mask options.
-MARK="0x70000000"
-MASK="0x70000000"
+MARK="0x80000000"
+MASK="0x80000000"
 
 # PID file of suricata.
 PID_FILE="/var/run/suricata.pid"