svn commit: r408015 - in head/security/suricata: . files
Kubilay Kocak
koobs at FreeBSD.org
Thu Feb 4 07:58:48 UTC 2016
Author: koobs
Date: Thu Feb 4 07:58:46 2016
New Revision: 408015
URL: https://svnweb.freebsd.org/changeset/ports/408015
Log:
security/suricata: Add netmap IPS mode to pkg-message
PR: 206875
Submitted by: Franco Fichtner <franco opnsense org>
Modified:
head/security/suricata/Makefile
head/security/suricata/files/pkg-message.in
Modified: head/security/suricata/Makefile
==============================================================================
--- head/security/suricata/Makefile Thu Feb 4 07:21:45 2016 (r408014)
+++ head/security/suricata/Makefile Thu Feb 4 07:58:46 2016 (r408015)
@@ -3,6 +3,7 @@
PORTNAME= suricata
PORTVERSION= 3.0
+PORTREVISION= 1
CATEGORIES= security
MASTER_SITES= http://www.openinfosecfoundation.org/download/
Modified: head/security/suricata/files/pkg-message.in
==============================================================================
--- head/security/suricata/files/pkg-message.in Thu Feb 4 07:21:45 2016 (r408014)
+++ head/security/suricata/files/pkg-message.in Thu Feb 4 07:58:46 2016 (r408015)
@@ -7,7 +7,8 @@ If you want to run Suricata in IDS mode,
NOTE: Declaring suricata_interface is MANDATORY for Suricata in IDS Mode.
-However, if you wanna run Suricata in Inline IPS Mode, add to /etc/rc.conf:
+However, if you want to run Suricata in Inline IPS Mode in divert(4) mode,
+add to /etc/rc.conf:
suricata_enable="YES"
suricata_divertport="8000"
@@ -18,6 +19,16 @@ NOTE:
rc.d/suricata will automatically try to start Suricata in IPS Mode
(on divert port 8000, by default).
+Alternatively, if you want to run Suricata in Inline IPS Mode in high-speed
+netmap(4) mode, add to /etc/rc.conf:
+
+ suricata_enable="YES"
+ suricata_netmap="YES"
+
+NOTE:
+ Suricata requires additional interface settings in the configuration
+ file to run in netmap(4) mode.
+
RULES: Suricata IDS/IPS Engine comes without rules by default. You should
add rules by yourself and set an updating strategy. To do so, please visit:
More information about the svn-ports-all
mailing list