Add HACK for integrating suricata IPS (at 'gw-ckubu').
This commit is contained in:
parent
e2a8392a8c
commit
7b34fa3222
@ -512,6 +512,23 @@ esac
|
|||||||
echo
|
echo
|
||||||
|
|
||||||
|
|
||||||
|
# -------------
|
||||||
|
# - suricata IPS (Inline Mode)
|
||||||
|
# -------------
|
||||||
|
|
||||||
|
# - HACK for integrating suricata IPS (Inline Mode) at 'gw-ckubu'
|
||||||
|
# -
|
||||||
|
echononl "\tForward to suricata IPS (inline Mode)"
|
||||||
|
if [[ -n "$(ps ax | grep "/usr/bin/suricata" 2>/dev/null | grep -v grep 2> /dev/null | awk '{print$1}')" ]] ; then
|
||||||
|
$ip6t -A FORWARD -m mark ! --mark 0x1/0x1 -j NFQUEUE --queue-balance 0:3
|
||||||
|
echo_done
|
||||||
|
else
|
||||||
|
echo_skipped
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo
|
||||||
|
|
||||||
|
|
||||||
# -------------
|
# -------------
|
||||||
# --- iPerf
|
# --- iPerf
|
||||||
# -------------
|
# -------------
|
||||||
|
|||||||
@ -1061,6 +1061,23 @@ esac
|
|||||||
echo
|
echo
|
||||||
|
|
||||||
|
|
||||||
|
# -------------
|
||||||
|
# - suricata IPS (Inline Mode)
|
||||||
|
# -------------
|
||||||
|
|
||||||
|
# - HACK for integrating suricata IPS (Inline Mode) at 'gw-ckubu'
|
||||||
|
# -
|
||||||
|
echononl "\tForward to suricata IPS (inline Mode)"
|
||||||
|
if [[ -n "$(ps ax | grep "/usr/bin/suricata" 2>/dev/null | grep -v grep 2> /dev/null | awk '{print$1}')" ]] ; then
|
||||||
|
$ipt -A FORWARD -m mark ! --mark 0x1/0x1 -j NFQUEUE --queue-balance 0:3
|
||||||
|
echo_done
|
||||||
|
else
|
||||||
|
echo_skipped
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo
|
||||||
|
|
||||||
|
|
||||||
# -------------
|
# -------------
|
||||||
# --- iPerf
|
# --- iPerf
|
||||||
# -------------
|
# -------------
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user