[Oisf-users] Would it be possible to run a query per http request?

Cooper F. Nelson cnelson at ucsd.edu
Mon Nov 28 16:57:36 UTC 2016

You want squid for this:


FYI I run both suricata and squid and they are each extremely useful in
their own domain.  Squid is particularly good for this application as it
can present a custom error page to the user informing them that the
request was blocked.


On 11/25/2016 4:35 AM, Eliezer Croitoru wrote:
> Hey,
> I am working with proxies for quite some time and I was wondering if it
> would be possible to use surricata the next way:
> - Inspect http request
> - Verify against a DB the request URL
> - Deny or Allow the http request

Cooper Nelson
Network Security Analyst
UCSD ITS Security Team
cnelson at ucsd.edu x41042

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20161128/24a4f09b/attachment-0002.sig>

More information about the Oisf-users mailing list