Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug 6726 livedev ips/v3 #10863

Closed
wants to merge 3 commits into from
Closed

Bug 6726 livedev ips/v3 #10863

wants to merge 3 commits into from

Conversation

victorjulien
Copy link
Member

@victorjulien
capture: improve IDS + IPS check
8db4e1a 
Improve it for af-packet, dpdk, netmap. Check would not consider
an interface IDS if the `default` section contained a copy-mode
field.
@victorjulien
capture: block IDS + IPS combination
0f10aff 
In general, improve IPS setup error checking.

Ticket: OISF#5588.
@victorjulien
ips: check for livedev.use-for-tracking
11a8009 
For the capture methods that support livedev and IPS, error out
if livedev.use-for-tracking is set to true.

This setting causes major flow tracking issues, as both sides of
a flow would be tracked in different flows.

Ticket: OISF#6726.
@victorjulien
Copy link
Member Author

Tested 3 scenarios:
af-packet IPS + livedev.use-for-tracking
af-packet IPS 3 interfaces, one ips pair and single IDS iface
af-packet IPS 4 interfaces, one ips pair, one tap pair

image

@codecov Codecov
Copy link

codecov bot commented Apr 16, 2024

Codecov Report

Attention: Patch coverage is 11.62791% with 38 lines in your changes are missing coverage. Please review.

Project coverage is 82.96%. Comparing base (ce1556c) to head (11a8009).

Additional details and impacted files 
@@           Coverage Diff           @@
##           master   #10863   +/-   ##
=======================================
  Coverage   82.95%   82.96%           
=======================================
  Files         917      917           
  Lines      247361   247347   -14     
=======================================
+ Hits       205198   205203    +5     
+ Misses      42163    42144   -19
Flag Coverage Δ
fuzzcorpus 64.50% <6.97%> (+<0.01%) ⬆️
suricata-verify 62.30% <11.62%> (-0.01%) ⬇️
unittests 62.29% <0.00%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

@victorjulien
Copy link
Member Author

Guess it works ;)
image

@victorjulien victorjulien mentioned this pull request Apr 16, 2024
Closed
@victorjulien
Copy link
Member Author

Closing in favor of #10864, which is a more user friendly approach.

@victorjulien victorjulien mentioned this pull request Apr 17, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
1 participant
@victorjulien