From: Victor Julien <vjulien@oisf.net>
Date: Tue, 16 Apr 2024 13:38:13 +0000 (+0200)
Subject: capture: improve IDS + IPS check
X-Git-Tag: suricata-8.0.0-beta1~1453
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=58bff9b85508671f45f044d3fe212d29ffe1f95a;p=thirdparty%2Fsuricata.git

capture: improve IDS + IPS check

Improve it for af-packet, dpdk, netmap. Check would not consider
an interface IDS if the `default` section contained a copy-mode
field.
---

diff --git a/src/runmode-af-packet.c b/src/runmode-af-packet.c
index b8ad0bfac0..742d96855b 100644
--- a/src/runmode-af-packet.c
+++ b/src/runmode-af-packet.c
@@ -90,7 +90,6 @@ static int AFPRunModeIsIPS(void)
             SCLogError("Problem with config file");
             return 0;
         }
-        const char *copymodestr = NULL;
         if_root = ConfFindDeviceConfig(af_packet_node, live_dev);
 
         if (if_root == NULL) {
@@ -101,7 +100,10 @@ static int AFPRunModeIsIPS(void)
             if_root = if_default;
         }
 
-        if (ConfGetChildValueWithDefault(if_root, if_default, "copy-mode", &copymodestr) == 1) {
+        const char *copymodestr = NULL;
+        const char *copyifacestr = NULL;
+        if (ConfGetChildValueWithDefault(if_root, if_default, "copy-mode", &copymodestr) == 1 &&
+                ConfGetChildValue(if_root, "copy-iface", &copyifacestr) == 1) {
             if (strcmp(copymodestr, "ips") == 0) {
                 has_ips = 1;
             } else {
diff --git a/src/runmode-dpdk.c b/src/runmode-dpdk.c
index 9a1cc4e0b3..d5f9536d25 100644
--- a/src/runmode-dpdk.c
+++ b/src/runmode-dpdk.c
@@ -1663,7 +1663,9 @@ static int DPDKRunModeIsIPS(void)
         }
 
         const char *copymodestr = NULL;
-        if (ConfGetChildValueWithDefault(if_root, if_default, "copy-mode", &copymodestr) == 1) {
+        const char *copyifacestr = NULL;
+        if (ConfGetChildValueWithDefault(if_root, if_default, "copy-mode", &copymodestr) == 1 &&
+                ConfGetChildValue(if_root, "copy-iface", &copyifacestr) == 1) {
             if (strcmp(copymodestr, "ips") == 0) {
                 has_ips = true;
             } else {
diff --git a/src/runmode-netmap.c b/src/runmode-netmap.c
index e207cf0630..947b381229 100644
--- a/src/runmode-netmap.c
+++ b/src/runmode-netmap.c
@@ -81,7 +81,6 @@ static int NetmapRunModeIsIPS(void)
             SCLogError("Problem with config file");
             return 0;
         }
-        const char *copymodestr = NULL;
         if_root = ConfNodeLookupKeyValue(netmap_node, "interface", live_dev);
 
         if (if_root == NULL) {
@@ -92,7 +91,10 @@ static int NetmapRunModeIsIPS(void)
             if_root = if_default;
         }
 
-        if (ConfGetChildValueWithDefault(if_root, if_default, "copy-mode", &copymodestr) == 1) {
+        const char *copymodestr = NULL;
+        const char *copyifacestr = NULL;
+        if (ConfGetChildValueWithDefault(if_root, if_default, "copy-mode", &copymodestr) == 1 &&
+                ConfGetChildValue(if_root, "copy-iface", &copyifacestr) == 1) {
             if (strcmp(copymodestr, "ips") == 0) {
                 has_ips = 1;
             } else {