[Oisf-users] PF_RING, packets and IPS
Will Metcalf
william.metcalf at gmail.com
Fri Nov 19 15:58:21 UTC 2010
I'm still not sure I understand. PF_RING is completely passive it has
no interaction with iptables. Are you looking for functionality
similar to snortsam http://www.snortsam.net/? Or perhaps you mean to
use suricata inline in conjuction with iptables/NFQUEUE? This will
allow you to create drop rules and thus deny traffic that matches
certain characteristics.
Regards,
Will
On Tue, Nov 16, 2010 at 4:07 AM, Viacheslav Biriukov
<v.v.biriukov at gmail.com> wrote:
> Inline mode. In my previous message i attach the picture. It's right packets
> path in inline mode? How can I add rules to the iptables in this case?
>
> --
> Viacheslav Sov1et Biriukov
> http://openstar.com.ua
>
More information about the Oisf-users
mailing list