ids-functions.pl: Set bypass flag for whitelisted hosts.

When adding a host to the whitelist set the bypass flag to
immediate take the load from the IDS.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/config/cfgroot/ids-functions.pl b/config/cfgroot/ids-functions.pl
index 95082fcacc2d25e749d5a8a7ce912068eacd4e89..484e03ad8f2a6bd4c4af3f459050052fc58acd24 100644 (file)
--- a/config/cfgroot/ids-functions.pl
+++ b/config/cfgroot/ids-functions.pl
@@ -1692,7 +1692,7 @@ sub generate_ignore_file() {
                                # Check if the address/network is valid.
                                if ((&General::validip($address)) || (&General::validipandmask($address))) {
                                        # Write rule line to the file to pass any traffic from this IP
-                                       print FILE "pass ip $address any -> any any (msg:\"pass all traffic from/to $address\"\; sid:$sid\;)\n";
+                                       print FILE "pass ip $address any -> any any (msg:\"pass all traffic from/to $address\"\; bypass; sid:$sid\;)\n";
 
                                        # Increment sid.
                                        $sid++;