[Oisf-devel] Connection Reset Code
Victor Julien
victor at inliniac.net
Wed Aug 13 12:46:55 UTC 2014
On 08/12/2014 06:28 PM, Robert Clove wrote:
> I am searching for TCP connection reset code in suricata.
> As if there is a TCP connection established between the client and
> server and suricata is running in the IPS mode,if the packet coming to
> client is malicious and the packet is dropped.Suricata will have to
> reset connection packet to the client.
>
> Is there such a code in Suricata.
https://github.com/inliniac/suricata/blob/master/src/respond-reject-libnet11.c#L75
It depends on libnet 1.1 and is triggered by 'reject' rules in Suricata.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-devel
mailing list