[Oisf-users] suppress in threshold + packets dropped

erik clark philosnef at gmail.com
Mon Nov 28 14:05:11 UTC 2016

I am supressing 33 signatures with

suppress gen_id 1, sig_id $sid

Since doing this, I see that Suricata is dropping around 12% of the
packets. This doesnt make any sense. Are suppressed signatures "dropped"?
Why are my stats crazy like this?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20161128/0b057135/attachment.html>

More information about the Oisf-users mailing list