[Oisf-users] OT: Filtering police for ingress and egress traffic
C. L. Martinez
carlopmart at gmail.com
Thu Sep 19 07:53:51 UTC 2013
Hi all,
I have two suricata sensors "connected" to a one SPAN port, but I
have a problems with duplicate packets like Richard Bejtlich explains
in this post:
http://taosecurity.blogspot.com.es/2005/11/why-duplicate-packets-may-appear-on.html
Somebody knows if it possible to establish some type of filtering
police to discriminate ingress and egress traffic using linux network
stack??
I have found some options using "tc" commands but I don't know if
this can works ... Any example??
Thanks.
More information about the Oisf-users
mailing list