Project

General

Profile

Actions

Task #5588

open

ips/tap: don't allow mixed tap and ips modes

Added by Jason Ish over 1 year ago.

Status:
New
Priority:
Normal
Assignee:
Target version:
Effort:
low
Difficulty:
Label:

Description

Currently its possible to create 2 pairs of interfaces in af-packet ips/tap mode in different modes, one pair in ips mode and the other in tap. This should be disallowed as certain assumptions are made in ips mode that may cause the tap mode to not work reliably or in undefined/unknown ways.

Additonally, if within a pair of interfaces, one is tap and the other is ips, consider this is a fatal error.


Related issues 1 (0 open1 closed)

Related to Suricata - Task #5587: ips/tap: in layer 2 ips/tap setups, warn that mixed usage of ips and tap will be removed in 8.0ClosedJason IshActions
Actions #1

Updated by Jason Ish over 1 year ago

  • Related to Task #5587: ips/tap: in layer 2 ips/tap setups, warn that mixed usage of ips and tap will be removed in 8.0 added
Actions

Also available in: Atom PDF