[Oisf-users] Does suricata support Different rulesets for each interface

Andreas Herz andi at geekosphere.org
Tue Apr 11 20:46:40 UTC 2017

On 11/04/17 at 22:23, Özkan KIRIK wrote:
> I need to perform different rulesets for each interface.
> For example for WAN interface the ruleset will contain espcialls DoS and
> SQL injection rules. For LAN interface the ruleset will contain P2P rules.

One "simple" approach would be to use two dedicated config files and you
pass one for one suricata instance with -c /PATH/wan.yaml and another
one with the second instance with -c /PATH/lan.yaml.

Andreas Herz

More information about the Oisf-users mailing list