[Oisf-users] Inline IPS and HTTP
Phil Daws
uxbod at splatnix.net
Thu Apr 17 07:56:27 UTC 2014
Hello,
Not sure whether we are having an issue or not, but Suricata never appears to trigger on any ET HTTP rules at all, which is making me wonder if we have a configuration error. On our firewall we are passing the traffic using:
-A FORWARD -i eth0 -o eth1 -j NFQUEUE
-A FORWARD -i eth1 -o eth0 -j NFQUEUE
and then in suricata.yaml we have:
HTTP_SERVERS: "[172.30.8.20/32]"
host-os-policy:
  # Make the default policy windows.
  windows: [0.0.0.0/0]
  bsd: []
  bsd-right: []
  old-linux: []
  linux: [10.0.0.0/8, 172.30.0.0/16, "8762:2352:6241:7245:E000:0000:0000:0000"]
  old-solaris: []
  solaris: ["::1"]
  hpux10: []
  hpux11: []
  irix: []
  macos: []
  vista: []
  windows2k3: []
Have I missed anything? Thank you.