The previous used "1" was already used to mark source-natted
packets.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
nfq:
mode: repeat
- repeat-mark: 1
- repeat-mask: 1
- bypass-mark: 1
- bypass-mask: 1
+ repeat-mark: 2
+ repeat-mask: 2
+# bypass-mark: 1
+# bypass-mask: 1
# route-queue: 2
# batchcount: 20
fail-open: yes
network_zones=( red green blue orange )
# Mark and Mask options.
-MARK="0x1"
-MASK="0x1"
+MARK="0x2"
+MASK="0x2"
# PID file of suricata.
PID_FILE="/var/run/suricata.pid"