[Oisf-users] Suricata in AF-Packet Mode Configuration

Jitendra jkilambi at gmail.com
Thu Jul 23 21:35:08 UTC 2015


Hello All,

I am setting up Suricata on CentOS 7 as an IPS in front of a Cisco ASA
firewall... I have configured suricata.yaml, and when launching Suricata in
af-packet, I can see it states copy mode is enabled and "doing copys". I
can also see packets are indeed being captured. The two NICs are in promisc
mode. However, I must be missing something. The interface on the ASA does
not see packets pass through. If I place a bridge on the OS with the two
NICs, the interface on the Cisco comes up as normal.
Any advice as to what I could possibly be missing? AF-Packet packet mode in
Suricata, from my reading, doesn't require a Linux OS bridge to be in place,
as it "forms" a transparent bridge...

Thanks.
Regards,
Jit