From a6bb86a9e0b916947ba977cfe86c01c784419f8a Mon Sep 17 00:00:00 2001
From: Eric Leblond <eric@regit.org>
Date: Wed, 26 Feb 2014 11:13:33 +0100
Subject: [PATCH] Exit if BPF filter file is specified in IPS mode

This patch adds a check that was missing when specifying BPF filter
from a file. Suricata behavior should have been the same as when
BPF filter is specified on command line.
---
 src/suricata.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/suricata.c b/src/suricata.c
index 9bf971df37..d28b69d666 100644
--- a/src/suricata.c
+++ b/src/suricata.c
@@ -423,6 +423,13 @@ static void SetBpfStringFromFile(char *filename) {
     FILE *fp = NULL;
     size_t nm = 0;
 
+    if (IS_ENGINE_MODE_IPS(engine_mode)) {
+        SCLogError(SC_ERR_NOT_SUPPORTED,
+                   "BPF filter not available in IPS mode."
+                   " Use firewall filtering if possible.");
+        exit(EXIT_FAILURE);
+    }
+
 #ifdef OS_WIN32
     if(_stat(filename, &st) != 0) {
 #else
-- 
2.47.3