]> git.ipfire.org Git - ipfire-2.x.git/commit
projects / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fc15374) | patch
suricata: Move the IPS into the mangle table
authorMichael Tremer <michael.tremer@ipfire.org>
Mon, 9 Sep 2024 09:49:30 +0000 (11:49 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Tue, 24 Sep 2024 08:41:45 +0000 (08:41 +0000)
commit558dcc66e632fe12b566edc4e39c519cdbc1b6a0
tree9774cad423033ddbdd449a3ac7f6336a7e0d631ctree
parentfc1537434f007977161c2ba46b823d276b8c5d7ccommit | diff
suricata: Move the IPS into the mangle table

This should make the IPS more efficient, we should have fewer rules and
the IPS will now sit at the edge of the networking stack as it will see
packets immediately when they come and and just before they leave.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
src/initscripts/system/firewall diff | blob | blame | history
src/initscripts/system/suricata diff | blob | blame | history
IPFire 2.x development tree