[Oisf-users] Suricata inline in AF-packet mode, reject and drop rules don't send tcp reset
Victor Julien
lists at inliniac.net
Tue Nov 10 20:46:07 UTC 2015
On 03-11-15 17:20, CCAI CCIE wrote:
> I am running Suricata inline in AF-packet mode, reject and drop rules
> don't send tcp reset which result in slow browsing and client hanging.
> Does AF-packet mode support tcp reset?
I think the reset needs an interface with a route to the ip that needs
to receive the RST, but not sure. Never tested this scenario.
Eric, you did some reset improvements sometime back, do you remember
testing this scenario?
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list