On Wed, Jul 17, 2013 at 10:50:45AM -0400, Lawrence Teo wrote:
> On Tue, Jul 16, 2013 at 04:56:34PM -0400, Adam Jeanguenat wrote:
> > On 2013-07-11 at 22:33:48 -0400, Lawrence Teo wrote:
> > > On Fri, May 31, 2013 at 07:41:21PM -0400, Lawrence Teo wrote:
> > > > This patch fixes two issues with the IPFW DAQ module that's used by
> > > > Snort inline:
> > > 
> > > I would really like to commit these two DAQ fixes so that they can be
> > > included on time for the 5.4 release.  These fixes are needed for Snort
> > > to run properly in inline mode.
> > > 
> > > To recap, this diff fixes two issues:
> > > 
> > > 1. Snort inline does not drop/reject packets
> > > 2. Snort inline cannot run as an unprivileged user
> > > 
> > > Since not many people are familiar with Snort inline on OpenBSD, I have
> > > included my test procedure below for anyone who would like to replicate
> > > my tests.
> > > 
> > > Comments? OK?
> > > 
> > > Thanks,
> > > Lawrence
> > 
> > I just finished applying the patch and following your test procedure on
> > an i386 -current system updated today; I can confirm everything works
> > exactly as described.
> > 
> > Great finds.
> > 
> >     --avj
> 
> Thank you for testing, Adam!
> 
> Assuming no objections, I would like to commit this sometime at the end
> of this week.  OK's are definitely welcome too. :)
> 
> Lawrence

After receiving some guidance from sthen@, I've decided to commit this
now so that these fixes will be in the tree on time for the 5.4 release.

Lawrence

Reply via email to