[Oisf-users] suricata and geoip
Vieri
rentorbuy at yahoo.com
Mon Feb 20 07:10:31 UTC 2017
Hi,
I noticed that the Suricata docs mention that the libgeoip country code to be used in Suricata rules for United Kingdom is "UK".
http://suricata.readthedocs.io/en/latest/rules/header-keywords.html?highlight=geoip
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/GeoIP
Pease correct me if I'm wrong, but there's no such country code in Maxmind. The code for United Kingdom should be "GB".
Thanks,
Vieri
More information about the Oisf-users
mailing list