From 7b34fa3222d11923582f6456994b2221537131ab Mon Sep 17 00:00:00 2001
From: Christoph
Date: Mon, 20 May 2019 17:16:33 +0200
Subject: [PATCH] Add HACK for integrating suricata IPS (at 'gw-ckubu').
---
 ip6t-firewall-gateway | 17 +++++++++++++++++
 ipt-firewall-gateway | 17 +++++++++++++++++
 2 files changed, 34 insertions(+)
diff --git a/ip6t-firewall-gateway b/ip6t-firewall-gateway
index b3990b3..94d3d32 100755
--- a/ip6t-firewall-gateway
+++ b/ip6t-firewall-gateway
@@ -512,6 +512,23 @@ esac
 echo
+# -------------
+# - suricata IPS (Inline Mode)
+# -------------
+
+# - HACK for integrating suricata IPS (Inline Mode) at 'gw-ckubu'
+# -
+echononl "\tForward to suricata IPS (inline Mode)"
+if [[ -n "$(ps ax | grep "/usr/bin/suricata" 2>/dev/null | grep -v grep 2> /dev/null | awk '{print$1}')" ]] ; then
+ $ip6t -A FORWARD -m mark ! --mark 0x1/0x1 -j NFQUEUE --queue-balance 0:3
+ echo_done
+else
+ echo_skipped
+fi
+
+echo
+
+
 # -------------
 # --- iPerf
 # -------------
diff --git a/ipt-firewall-gateway b/ipt-firewall-gateway
index 4936776..24b80d2 100755
--- a/ipt-firewall-gateway
+++ b/ipt-firewall-gateway
@@ -1061,6 +1061,23 @@ esac
 echo
+# -------------
+# - suricata IPS (Inline Mode)
+# -------------
+
+# - HACK for integrating suricata IPS (Inline Mode) at 'gw-ckubu'
+# -
+echononl "\tForward to suricata IPS (inline Mode)"
+if [[ -n "$(ps ax | grep "/usr/bin/suricata" 2>/dev/null | grep -v grep 2> /dev/null | awk '{print$1}')" ]] ; then
+ $ipt -A FORWARD -m mark ! --mark 0x1/0x1 -j NFQUEUE --queue-balance 0:3
+ echo_done
+else
+ echo_skipped
+fi
+
+echo
+
+
 # -------------
 # --- iPerf
 # -------------
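Review bot: The NFQUEUE rule added in both hunks (`$ip6t -A FORWARD ... -j NFQUEUE --queue-balance 0:3` in ip6t-firewall-gateway and the identical `$ipt` line in ipt-firewall-gateway) carries no `--queue-bypass`, so once installed it drops forwarded packets whenever no Suricata instance is bound to queues 0-3; if fail-closed is intended the comment block should say so, otherwise add `--queue-bypass` and document that traffic then passes uninspected while the IPS is down. The guard samples the process list only when the firewall script runs, so a Suricata started afterwards leaves traffic uninspected without any warning, and `ps ax | grep "/usr/bin/suricata"` matches any command line containing that path; `pgrep -f '^/usr/bin/suricata( |$)' >/dev/null` is a tighter test. Because the rule is appended with `-A`, only packets not already accepted by earlier FORWARD rules reach the queue, and the `! --mark 0x1/0x1` match presumably depends on Suricata running in nfq repeat mode with mark and mask 1 on four queues. I would record those requirements in the "HACK" comment, e.g. `# - requires suricata nfq mode 'repeat' (mark 1/mask 1) listening on queues 0-3`.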