On Wed, Jul 17, 2013 at 10:50:45AM -0400, Lawrence Teo wrote: > On Tue, Jul 16, 2013 at 04:56:34PM -0400, Adam Jeanguenat wrote: > > On 2013-07-11 at 22:33:48 -0400, Lawrence Teo wrote: > > > On Fri, May 31, 2013 at 07:41:21PM -0400, Lawrence Teo wrote: > > > > This patch fixes two issues with the IPFW DAQ module that's used by > > > > Snort inline: > > > > > > I would really like to commit these two DAQ fixes so that they can be > > > included on time for the 5.4 release. These fixes are needed for Snort > > > to run properly in inline mode. > > > > > > To recap, this diff fixes two issues: > > > > > > 1. Snort inline does not drop/reject packets > > > 2. Snort inline cannot run as an unprivileged user > > > > > > Since not many people are familiar with Snort inline on OpenBSD, I have > > > included my test procedure below for anyone who would like to replicate > > > my tests. > > > > > > Comments? OK? > > > > > > Thanks, > > > Lawrence > > > > I just finished applying the patch and following your test procedure on > > an i386 -current system updated today; I can confirm everything works > > exactly as described. > > > > Great finds. > > > > --avj > > Thank you for testing, Adam! > > Assuming no objections, I would like to commit this sometime at the end > of this week. OK's are definitely welcome too. :) > > Lawrence
After receiving some guidance from sthen@, I've decided to commit this now so that these fixes will be in the tree on time for the 5.4 release. Lawrence
