@erdnaxe erdnaxe commented Nov 23, 2025

Tested using WinDivert 2.2.2 on a freshly installed Windows 11 virtual machine.

Changes (if applicable):

Link to ticket: https://redmine.openinfosecfoundation.org/issues/8138 https://redmine.openinfosecfoundation.org/issues/8137

Describe changes:

  • Make Suricata able to compile with WinDivert 2 (released in 2019).
  • Update Windows build instructions to add WinDivert configure example.


@github-actions

NOTE: This PR may contain new authors.

WinDivert 2 was released in 2019. This introduced some minimal
changes to some function arguments.

Bug: OISF#8138.
The IPS documentation for Windows had a dead link
to a PDF. Update the Windows build page to include
WinDivert instructions.

Documentation: OISF#8137.

codecov bot commented Nov 23, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 84.19%. Comparing base (459e259) to head (1fe00f6).
⚠️ Report is 74 commits behind head on main.

@@            Coverage Diff             @@
##             main   #14362      +/-   ##
==========================================
- Coverage   84.19%   84.19%   -0.01%     
==========================================
  Files        1012     1012              
  Lines      261796   261796              
==========================================
- Hits       220414   220411       -3     
- Misses      41382    41385       +3     
Flag              Coverage   Δ
fuzzcorpus        63.28%     <ø> (+<0.01%) ⬆️
livemode          18.73%     <ø> (-0.01%) ⬇️
pcap              44.64%     <ø> (+0.03%) ⬆️
suricata-verify   64.96%     <ø> (-0.01%) ⬇️
unittests         59.24%     <ø> (ø)

@victorjulien

Thanks @erdnaxe
I've asked @pevma to see if he can test this PR.

@jufajardini jufajardini left a comment

Thanks for updating the docs and removing the outdated reference to Redmine!

Just noticed a small typo.

MSYS2 libpcap will be used without live capture support.

.. note:: If building with WinDivert, you may add ``--enable-windivert=yes``
then points to the extraction path using

nit: s/points/point

pevma commented Dec 10, 2025

Tested building the WinDivert on cpl systems, looks good.
Not sure how to properly test conclusively the FW/blocking part in VM env though.

@victorjulien victorjulien added this to the 9.0 milestone Dec 10, 2025
@victorjulien

Merged in #14462, thanks!
