[Oisf-users] Installing suricata inline in a squid host

C. L. Martinez carlopmart at gmail.com
Wed Feb 10 08:23:57 UTC 2016

Hi all,

I have installed a squid host as a mitm proxy for http and https requests.
My idea is to install suricata online inside this host but I have two

a/ if I am not wrong I can only use iptables rules instead of afpacket to
monitor all requests. Is it correct?

b/ Due to I am using sslbump to decrypt ssl requests, how can I configure
suricata and iptables to "see" the payload of these decrypted connections?.

Thanks in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20160210/5fd275a9/attachment.html>

More information about the Oisf-users mailing list