[Oisf-users] A question about using suricata as an IPS
carlopmart
carlopmart at gmail.com
Fri Apr 1 14:43:04 UTC 2011
Hi all,
I have configured a suricata sensor as an IPS. To do this I have setup
a bridge (ipsif0) and i have setup this iptables rule:
iptables -A FORWARD -j NFQUEUE --queue-num 0
and I have startup suricata with this options:
"/usr/local/bin/suricata -c
/data/config/etc/suricata-inet/suricata.yaml -D --pidfile
/var/run/suricata-inet.pid -q 0"
But, How do suricata sensor know on which interface needs to monitor?
Or do I need to adjust this on the iptables rule??
Thanks.
--
CL Martinez
carlopmart {at} gmail {d0t} com
More information about the Oisf-users
mailing list