<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Gulim;
panose-1:2 11 6 0 0 1 1 1 1 1;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:"Malgun Gothic";
panose-1:2 11 5 3 2 0 0 2 0 4;}
@font-face
{font-family:"Malgun Gothic";}
@font-face
{font-family:Gulim;
panose-1:2 11 6 0 0 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
text-align:justify;
text-justify:inter-ideograph;
text-autospace:none;
word-break:break-hangul;
font-size:10.0pt;
font-family:"맑은 고딕",sans-serif;}
.MsoChpDefault
{mso-style-type:export-only;}
/* Page Definitions */
@page WordSection1
{size:612.0pt 792.0pt;
margin:3.0cm 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style></head><body lang=KO><div class=WordSection1><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt'>Hi all<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt'>I</span><span style='font-size:11.0pt'>’<span lang=EN-US>m a student studying Suricata for a project.<o:p></o:p></span></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt'>I tested and confirmed that the ruleset do not allow users to enter or enter websites such as google, facebook and so on.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt'>Also, I googled and confirmed that Suricata can manipulate packet if I want to. <o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt'>I use Suricata only for firewall component. And there are other compoents in my architecture.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt'>So I have to send packet to another component after the firewall creating the output and before the packet sending to destination.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt'>But I have no idea where the packets could be manipulated and which source code could be modified in the Suricata opensource.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt'>So, could you guys tell me what source code have to modified?<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt'>If you can feedback about it, please email me. Thank you.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt'>Kind regards<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt'>DongJin</span><span lang=EN-US style='font-size:11.0pt'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt'>홍동진<span lang=EN-US> DongJin Hong<br></span>성균관대학교 전자전기컴퓨터공학과 석사과정<span lang=EN-US><br>MS Student<br>Dept. of Electrical and Computer Engineering<br>Sungkyunkwan University<br>E-mail : djhong813@skku.edu, djhong813@gmail.com<o:p></o:p></span></span></p><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt;font-family:"굴림",sans-serif'><o:p> </o:p></span></p></div></body></html>