[Oisf-users] Question on IP Tables and Bridged interface with AF-Packet
Albert E. Whale, CEH CHS CISA CISSP
Albert.Whale at IT-Security-inc.com
Thu Feb 14 15:59:41 UTC 2019
Beautiful! That worked perfectly!
Thank you everyone.
On 2/14/19 8:39 AM, Edwin van Vliet wrote:
> Albert wrote:
>> The problem becomes apparent when Suricata matches an IP Address which
>> is part of one of the groups in the iptables ruleset. Suricata sees it, but
>> the IP Tables rules do not detect it.
> Is the br_netfilter kernel module loaded? Bridges are kind of special.
> You need to set the net.bridge.bridge-nf-call-iptables sysctl setting if you want to filter your bridges.
>
> Edwin
>
--
--
--
Albert E. Whale, CEH CHS CISA CISSP
Email: Albert.Whale at IT-Security-inc.com
Cell: 412-889-6870
More information about the Oisf-users
mailing list