[Oisf-users] suricata not drop http traffic

Heřbolt, Lukáš lukas.herbolt at etnetera.cz
Sun Oct 14 09:45:45 UTC 2012


Thank you, that was the problem.
It's working now.


On 12 October 2012 23:08, Victor Julien <lists at inliniac.net> wrote:

> On 10/12/2012 10:51 PM, Heřbolt, Lukáš wrote:
> > Hello,
> > I have Suricata 1.3.2 installed on my CentOS 6.3.
> > Suricata is running IPS/inline mode with nfqueue.
> > If I create a rule with the drop option, Suricata just logs
> > it into fast.log and drop.log, but no packet is dropped,
> > and http traffic works normally.
>
> Can you give an example of a rule?
>
> Also, did you enable "inline" in the stream section?
>
> stream:
>   memcap: 32mb
>   checksum_validation: yes      # reject wrong csums
>   inline: yes
>
> --
> ---------------------------------------------
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
> ---------------------------------------------



-- 
Lukáš Heřbolt
Linux Administrator

ET NETERA | smart e-business
[a] Milady Horákové 108, 160 00 Praha 6
[t] +420 725 267 158 [i] www.etnetera.cz
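
A check for the setting the reply above points at, as an added example that is not part of the original thread: it reads suricata.yaml text and reports whether `inline` is enabled directly under `stream:`. The sample configs, the function names and the set of spellings treated as "enabled" are assumptions.

```python
import re

# Constructed sample configs (not taken from a real deployment).
BROKEN = """\
%YAML 1.1
---
stream:
  memcap: 32mb
  checksum_validation: yes      # reject wrong csums
  reassembly:
    memcap: 64mb
"""
FIXED = BROKEN.replace("  reassembly:", "  inline: yes   # IPS mode\n  reassembly:")

TRUTHY = {"yes", "true", "on", "1"}  # assumption: spellings treated as enabled


def stream_setting(yaml_text, key):
    """Return the value of `key` as a direct child of top-level `stream:`, or None."""
    in_stream, child_indent = False, None
    for raw in yaml_text.splitlines():
        line = re.sub(r"\s+#.*$", "", raw).rstrip()  # drop trailing comments
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        if indent == 0:  # a new top-level key (or YAML header) starts here
            in_stream = line.split(":")[0] == "stream"
            child_indent = None
            continue
        if not in_stream:
            continue
        if child_indent is None:  # first child fixes the section's indent
            child_indent = indent
        if indent == child_indent:  # ignore nested keys such as reassembly.*
            name, _, value = line.strip().partition(":")
            if name == key:
                return value.strip()
    return None


def stream_inline_enabled(yaml_text):
    """True only when stream.inline is present and set to an enabled value."""
    value = stream_setting(yaml_text, "inline")
    return value is not None and value.lower() in TRUTHY
```

Run `stream_inline_enabled(open(path).read())` against the deployed config before relying on drop rules in an NFQ/inline setup.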