firewall: Use seperate firewall chains for passing traffic to the IPS
authorStefan Schantl <stefan.schantl@ipfire.org>
Thu, 25 Apr 2019 17:31:46 +0000 (19:31 +0200)
committerArne Fitzenreiter <arne_f@ipfire.org>
Fri, 26 Apr 2019 05:46:15 +0000 (07:46 +0200)
commit686c4b9f25d2c2edfc4fe851f84a78e04eaee330
tree63b4ca9efbcf6c8d313634c6e4a239bc0ae963bd
parent31568a19824a5e0621cf6cb9297d2800e3b3f59e
firewall: Use seperate firewall chains for passing traffic to the IPS

Create and use seperate iptables chain called IPS_INPUT, IPS_FORWARD and IPS_OUTPUT
to be more flexible which kind of traffic should be passed to suricata.

Reference #12062

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
src/initscripts/system/firewall