#include "util-device.h"
#include "util-misc.h"
#include "util-running-modes.h"
+#include "util-validate.h"
#include "detect-engine.h"
#include "detect-parse.h"
/** Engine mode: inline (ENGINE_MODE_IPS) or just
* detection mode (ENGINE_MODE_IDS by default) */
-static enum EngineMode g_engine_mode = ENGINE_MODE_IDS;
+static enum EngineMode g_engine_mode = ENGINE_MODE_UNKNOWN;
/** Host mode: set if box is sniffing only
* or is a router */
return (suricata.sig_file != NULL);
}
+int EngineModeIsUnknown(void)
+{
+ return (g_engine_mode == ENGINE_MODE_UNKNOWN);
+}
+
int EngineModeIsIPS(void)
{
+ DEBUG_VALIDATE_BUG_ON(g_engine_mode == ENGINE_MODE_UNKNOWN);
return (g_engine_mode == ENGINE_MODE_IPS);
}
int EngineModeIsIDS(void)
{
+ DEBUG_VALIDATE_BUG_ON(g_engine_mode == ENGINE_MODE_UNKNOWN);
return (g_engine_mode == ENGINE_MODE_IDS);
}
FILE *fp = NULL;
size_t nm = 0;
- if (EngineModeIsIPS()) {
- FatalError(SC_ERR_FATAL,
- "BPF filter not available in IPS mode."
- " Use firewall filtering if possible.");
- }
-
#ifdef OS_WIN32
if(_stat(filename, &st) != 0) {
#else
if (AFPRunModeIsIPS()) {
SCLogInfo("AF_PACKET: Setting IPS mode");
EngineModeSetIPS();
+ return;
}
}
#endif
if (NetmapRunModeIsIPS()) {
SCLogInfo("Netmap: Setting IPS mode");
EngineModeSetIPS();
+ return;
}
}
#endif
-
- SCReturnInt(TM_ECODE_OK);
}
static void PostConfLoadedSetupHostMode(void)
/* set engine mode if L2 IPS */
RunModeEngineIsIPS(suri);
+ if (EngineModeIsUnknown()) { // if still uninitialized the set the default
+ SCLogInfo("Setting engine mode to IDS mode by default");
+ EngineModeSetIDS();
+ }
+
AppLayerSetup();
/* Suricata will use this umask if provided. By default it will use the
projects / thirdparty / suricata.git / commitdiff
