From: Eric Leblond <eric@regit.org>
Date: Tue, 26 Mar 2013 13:16:23 +0000 (+0100)
Subject: Exit if bpf is used in IPS mode
X-Git-Tag: suricata-2.0beta1~197
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=dfbb31df8a03c4b150079902088e305060132a8e;p=thirdparty%2Fsuricata.git

Exit if bpf is used in IPS mode
---

diff --git a/src/suricata.c b/src/suricata.c
index c5c0c36faf..3b48ee3085 100644
--- a/src/suricata.c
+++ b/src/suricata.c
@@ -381,6 +381,13 @@ static void SetBpfString(int optind, char *argv[]) {
     if (bpf_len == 0)
         return;
 
+    if (IS_ENGINE_MODE_IPS(engine_mode)) {
+        SCLogError(SC_ERR_NOT_SUPPORTED,
+                   "BPF filter not available in IPS mode."
+                   " Use firewall filtering if possible.");
+        exit(EXIT_FAILURE);
+    }
+
     bpf_filter = SCMalloc(bpf_len);
     if (unlikely(bpf_filter == NULL))
         return;