Exit if bpf is used in IPS mode

author Eric Leblond <eric@regit.org>

Tue, 26 Mar 2013 13:16:23 +0000 (14:16 +0100)

committer Victor Julien <victor@inliniac.net>

Thu, 28 Mar 2013 08:53:47 +0000 (09:53 +0100)
author Eric Leblond <eric@regit.org>
Tue, 26 Mar 2013 13:16:23 +0000 (14:16 +0100)
committer Victor Julien <victor@inliniac.net>
Thu, 28 Mar 2013 08:53:47 +0000 (09:53 +0100)
diff --git a/src/suricata.c b/src/suricata.c

index c5c0c36faf95fe6f41b766a9bf98248b10019d3c..3b48ee30857f55beb90a478f383c5a89c45f3ada 100644 (file)
--- a/src/suricata.c
+++ b/src/suricata.c
@@ -381,6 +381,13 @@ static void SetBpfString(int optind, char *argv[]) {
      if (bpf_len == 0)
          return;
  
+    if (IS_ENGINE_MODE_IPS(engine_mode)) {
+        SCLogError(SC_ERR_NOT_SUPPORTED,
+                   "BPF filter not available in IPS mode."
+                   " Use firewall filtering if possible.");
+        exit(EXIT_FAILURE);
+    }
+
      bpf_filter = SCMalloc(bpf_len);
      if (unlikely(bpf_filter == NULL))
          return;
author	Eric Leblond <eric@regit.org>
	Tue, 26 Mar 2013 13:16:23 +0000 (14:16 +0100)
committer	Victor Julien <victor@inliniac.net>
	Thu, 28 Mar 2013 08:53:47 +0000 (09:53 +0100)