[Oisf-users] Pass and Drop
martins.listz at gmail.com
Tue Jun 15 13:24:30 UTC 2010
Probably this is a silly question, but just can't find where is the answer.
When a pass rule is created for some criteria, does it means that all
the other filters with the same criteria are skipped?
I'll explain myself with an example.
Suppose that I want to set a web server behind suricata, and want to
let all the HOME_NET users to access it. I want to let those users
access the web server, but also want to have some filter in case that
I have an internal attack.
How does it work in that case? Will suricata let HOME_NET users access
the server, and also check that no one tries nasty things to it (like
sql injection for example)?
More information about the Oisf-users