[Oisf-users] suricata not drop http traffic
Victor Julien
lists at inliniac.net
Fri Oct 12 21:08:18 UTC 2012
On 10/12/2012 10:51 PM, Heřbolt, Lukáš wrote:
> Hello,
> I have Suricata 1.3.2 installed on my CentOS 6.3.
> Suricata is running IPS/inline mode with nfqueue.
> If I create rule with drop option suricata just logged
> it into fast.log and drop.log, but no packet is dropped,
> and http traffic works normaly.
Can you give an example of a rule?
Also, did you enable "inline" in the stream section?
stream:
memcap: 32mb
checksum_validation: yes # reject wrong csums
inline: yes
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list