Post · BT Free Social

Post

Finally found some time to dig into Linux Network Namespaces. It's an amazingly powerful capability for testing tools like #Suricata

Here's how it can be used for Suricata even running in Github-Actions:
https://github.com/OISF/suricata/pull/14700

It tests our AF_PACKET IPS bridge mode by bridging 2 network namespaces. It also tests our NFQUEUE based IPS mode, where it routes between 2 network name spaces.

This was a great explanation, very helpful:
https://www.redhat.com/en/blog/net-namespaces

Next: SV like tooling :)

RE: https://mastodon.social/@inliniac/115966463966998157

Can't believe no one cares, to me this is the coolest thing ever ;-)

Anyway, extended it with #Suricata bridging two bond interfaces, each bonding 2 veth interfaces...

https://github.com/OISF/suricata/pull/14769

BT Free Social

BT Free is a non-profit organization founded by @ozoned@btfree.social . It's goal is for digital privacy rights, advocacy and consulting. This goal will be attained by hosting open platforms to allow others to seamlessly join the Fediverse on moderated instances or by helping others join the Fediverse.

BT Free Social: About · Code of conduct · Privacy ·

Bonfire social · 1.0.1 no JS en

Automatic federation enabled