947359f460
Tested with Snort 2.9.6.0 (which will be committed soon) on sparc64 by maintainer and on amd64 and macppc by myself.
18 lines
787 B
Plaintext
18 lines
787 B
Plaintext
$OpenBSD: patch-os-daq-modules_daq_ipfw_c,v 1.3 2014/01/30 03:22:48 lteo Exp $
|
|
|
|
This patch removes DAQ_CAPA_UNPRIV_START from the list of capabilities so that
|
|
Snort can run as an unprivileged user in inline mode. Sent upstream:
|
|
http://marc.info/?l=snort-devel&m=136254358118711&w=2
|
|
|
|
--- os-daq-modules/daq_ipfw.c.orig Tue Nov 5 16:00:32 2013
|
|
+++ os-daq-modules/daq_ipfw.c Thu Jan 23 22:05:29 2014
|
|
@@ -403,7 +403,7 @@ static int ipfw_daq_get_snaplen (void* handle)
|
|
static uint32_t ipfw_daq_get_capabilities (void* handle)
|
|
{
|
|
return DAQ_CAPA_BLOCK | DAQ_CAPA_REPLACE | DAQ_CAPA_INJECT | DAQ_CAPA_INJECT_RAW
|
|
- | DAQ_CAPA_BREAKLOOP | DAQ_CAPA_UNPRIV_START | DAQ_CAPA_BPF;
|
|
+ | DAQ_CAPA_BREAKLOOP | DAQ_CAPA_BPF;
|
|
}
|
|
|
|
static int ipfw_daq_get_datalink_type(void *handle)
|