[Oisf-users] reject-rules don't drop packages
Eric Leblond
eric at regit.org
Tue Jan 10 10:43:15 UTC 2012
Hello,
Le mardi 10 janvier 2012 à 10:56 +0100, Thorsten Wagener - Travanto
Travel a écrit :
> Hi,
>
> my suricata Version 1.1.1 does not drop packages from reject rules.
>
> I know that there was a Bug, which was fixed in v1.1beta2 but it is
> still there. Can anyone confirm this Problem?
>
> Drop-rule works and bad traffic is dropped. with reject the traffic is
> not dropped, but a tcp/rst package is sent. Sometimes the rst-package
> is incoming before the answer and the connection is cancled, but the
> bad traffic is still not dropped.
>
> stream inline is set to yes.
Are you using the new 'worker' mode ?
There is an issue in it we found after reading your mail. I've got a
patch for it but it is functionnaly untested. I can send it to you if
you want.
BR,
>
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20120110/7f218436/attachment.sig>
More information about the Oisf-users
mailing list