From: Eric Leblond <eric@regit.org>
Date: Wed, 26 Feb 2014 10:13:33 +0000 (+0100)
Subject: Exit if BPF filter file is specified in IPS mode
X-Git-Tag: suricata-2.0rc2~35
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a6bb86a9e0b916947ba977cfe86c01c784419f8a;p=thirdparty%2Fsuricata.git

Exit if BPF filter file is specified in IPS mode

This patch adds a check that was missing when specifying BPF filter
from a file. Suricata behavior should have been the same as when
BPF filter is specified on command line.
---

diff --git a/src/suricata.c b/src/suricata.c
index 9bf971df37..d28b69d666 100644
--- a/src/suricata.c
+++ b/src/suricata.c
@@ -423,6 +423,13 @@ static void SetBpfStringFromFile(char *filename) {
     FILE *fp = NULL;
     size_t nm = 0;
 
+    if (IS_ENGINE_MODE_IPS(engine_mode)) {
+        SCLogError(SC_ERR_NOT_SUPPORTED,
+                   "BPF filter not available in IPS mode."
+                   " Use firewall filtering if possible.");
+        exit(EXIT_FAILURE);
+    }
+
 #ifdef OS_WIN32
     if(_stat(filename, &st) != 0) {
 #else