[Oisf-users] threshold.config problem ---- help

郑博文 anshuitian at gmail.com
Mon Dec 3 08:40:49 UTC 2012

Hi everybody:
    I use suricata by IPS mode, I want some rules take effect for certain
IP or subnet when use suricata, and I want set action type and whether to
record log, etc. I would like to know suricata 1.3.4 version whether
implements this feature?
Then when I learn suricata source codes about threshold.config, I found it
'get type of rule' matched with 'rate' in SCThresholdConfAddThresholdtype()
function, but write 'rate_filter' into threshold.config in test function
SCThresholdConfGenerateValidDummyFD08(), which contrary to the previous.Why?
    Thank you!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20121203/5d0d4555/attachment.html>

More information about the Oisf-users mailing list