From: Victor Julien Date: Sun, 31 Jan 2016 18:27:35 +0000 (+0100) Subject: qa: add --simulate-ips option X-Git-Tag: suricata-3.0.1RC1~155 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3a9bcd6a5362346b0e5c55fb4a2eb4117d818af4;p=thirdparty%2Fsuricata.git qa: add --simulate-ips option This option forces the engine in 'IPS' mode. This is useful for testing some IPS code paths based on pcaps. --- diff --git a/src/suricata.c b/src/suricata.c index 4c18f6a5b1..811a760008 100644 --- a/src/suricata.c +++ b/src/suricata.c @@ -590,6 +590,7 @@ void usage(const char *progname) printf("\t--pfring-cluster-id : pfring cluster id \n"); printf("\t--pfring-cluster-type : pfring cluster type for PF_RING 4.1.2 and later cluster_round_robin|cluster_flow\n"); #endif /* HAVE_PFRING */ + printf("\t--simulate-ips : force engine into IPS mode. Useful for QA\n"); #ifdef HAVE_LIBCAP_NG printf("\t--user : run suricata as this user after init\n"); printf("\t--group : run suricata as this group after init\n"); @@ -1126,6 +1127,7 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri) {"af-packet", optional_argument, 0, 0}, {"netmap", optional_argument, 0, 0}, {"pcap", optional_argument, 0, 0}, + {"simulate-ips", 0, 0 , 0}, #ifdef BUILD_UNIX_SOCKET {"unix-socket", optional_argument, 0, 0}, #endif @@ -1311,6 +1313,9 @@ static TmEcode ParseCommandLine(int argc, char** argv, SCInstance *suri) usage(argv[0]); return TM_ECODE_FAILED; } + } else if(strcmp((long_opts[option_index]).name, "simulate-ips") == 0) { + SCLogInfo("Setting IPS mode"); + EngineModeSetIPS(); } else if(strcmp((long_opts[option_index]).name, "init-errors-fatal") == 0) { if (ConfSetFinal("engine.init-failure-fatal", "1") != 1) { fprintf(stderr, "ERROR: Failed to set engine init-failure-fatal.\n");