Hi,
I'd like to use the --queue-bypass option of NFQUEUE. From the iptables
man page:
--queue-bypass
By default, if no userspace program is listening on an
NFQUEUE, then all packets that are to be queued are dropped. When
this option is used, the NFQUEUE rule is silently bypassed instead.
The packet will move on to the next rule.
I tried to create a new action in embedded Perl, but I can't figure
out the syntax for adding an option to a target.
Moreover, I think I can't use a custom action in a policy (now, I have
"loc net NFQUEUE").
What's the best way to add the --queue-bypass option to nfqueue?
I quickly patched Rules.pm and it works as expected, but
--queue-bypass should be optional based on capabilities.
P.S. The final target of this work is to have a snort/suricata setup
like the one described here:
http://www.spinics.net/lists/netfilter/msg55072.html
--
Ciao,
Filippo
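The "optional based on capabilities" point above is the part worth getting right: the iptables on a given host either knows --queue-bypass or it does not, and a rule that uses it on an older iptables fails to load. The POSIX shell script below is an added example, not code from the mail, from Shorewall or from Rules.pm. It probes the installed iptables for the option and emits an NFQUEUE rule for a chain and queue number with --queue-bypass appended only when the option is advertised. The help-text lookup (`iptables -j NFQUEUE --help`), the FORWARD chain and queue number 0 are assumptions for illustration; the functions take the help text as an argument so the decision can be exercised without root or a real iptables. One caveat to keep in mind when deploying this for an IDS: with --queue-bypass, traffic flows uninspected whenever the userspace listener is not running (fail-open), which is what the man page describes as "silently bypassed".

```bash
#!/bin/sh
# Added example (not from the original mail or from Shorewall): build an
# iptables NFQUEUE rule whose --queue-bypass flag depends on whether the
# local iptables supports it. Assumed probe: `iptables -j NFQUEUE --help`.

# Return the NFQUEUE target's help text, or nothing if iptables is absent.
# stderr is merged because some iptables versions print usage there.
nfqueue_help() {
    iptables -j NFQUEUE --help 2>&1 || true
}

# $1: help text to inspect. Success if it advertises --queue-bypass.
has_queue_bypass() {
    printf '%s\n' "$1" | grep -q -- '--queue-bypass'
}

# $1: chain, $2: queue number, $3: help text from nfqueue_help (or a
# constructed string in tests). Prints the iptables command to run.
nfqueue_rule() {
    chain=$1
    qnum=$2
    help=$3
    rule="iptables -A $chain -j NFQUEUE --queue-num $qnum"
    if has_queue_bypass "$help"; then
        # Option is known: packets pass to the next rule when no
        # userspace program is bound to the queue (fail-open).
        rule="$rule --queue-bypass"
    fi
    # Without the option the kernel drops queued packets when nobody
    # listens (fail-closed), which is the pre-bypass default behaviour.
    printf '%s\n' "$rule"
}

# Demo against the real iptables on this host (assumed chain/queue).
# Only prints the command; run the printed line as root to apply it.
main() {
    nfqueue_rule FORWARD 0 "$(nfqueue_help)"
}

# Run the demo only when asked, so the file can also be sourced.
if [ "${NFQ_DEMO:-0}" = 1 ]; then
    main
fi
```

Usage: `NFQ_DEMO=1 sh nfq-rule.sh` prints the rule appropriate for the host; a Shorewall-style integration would run the probe once at compile time and store the result as a capability flag rather than probing per rule.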