[Oisf-users] Suricata-3.0.1: pf_ring IPS mode doesn' work.
oleg gv
oagvozd at gmail.com
Tue May 31 15:51:48 UTC 2016
Hello,
I'm using latest ntop pfring lib and kernel module and suricata works fine
in --pfring mode.
I create my own rule: "drop tcp any..." - and I only can see alerts with
[wDrop] type - packets only alerted and not dropped.
I looked in code and didn't see that it turn enging to IPS mode when using
pfring.
Is it possible to run suricata in IPS mode in --pfring capture mode ?
Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20160531/c1bdd79b/attachment.html>
More information about the Oisf-users
mailing list