[Discussion] Questions about Suricata

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

I have few more questions about Suricata:

1.  I want to know is there a way to use api to update/modify suricata.yaml file? Or Is there a way to modify the yaml file using GUI?
2. Can I use same suricata instance to do both IDS (for L3,4) and IPS (for L3,L4,L7)?
3. Which is better NFQ or AF_Packet?
4. If I use NFQ, how should I configure the iptables rules to forward the packets to Suricata IPS?

Thanks
Samiksha


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/discussion/attachments/20150519/175a8554/attachment.html>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]