[Oisf-users] Suricata AF_PACKET 4 interfaces 2 subnets problem.
Peter Manev
petermanev at gmail.com
Wed Feb 10 10:43:27 UTC 2016
On Wed, Feb 10, 2016 at 11:38 AM, Jose Carlos Álvarez
<jcalvarezvg at gmail.com> wrote:
> Hi all:
>
> I'm testing suricata 2.1 Beta 4 on a server with 4 RJ45 interfaces; Suricata is configured in AF_PACKET IPS mode interfaces eth1-eth2 (pair 1) and eth3-eth4 (pair 2)
>
> I am filtering simultaneously a subnet in pair 1 and other subnet in pair 2.
>
> Traffic on pair 1 goes fine, but in pair 2 IMAP traffic doesn't goes through.
>
> I have revised the logs and apparently no rules are dropping IMAP traffic. Any hints?
Do you have such rules enabled though ?
A basic test will be to load with 0 rules and see if you still have
the same problem?
Thanks
--
Regards,
Peter Manev
More information about the Oisf-users
mailing list