[Oisf-users] X-Real-IP and X-Real-Port headers from Akamai

C. L. Martinez carlopmart at gmail.com
Wed Jul 11 15:04:40 UTC 2018

Please, any tip?

On Mon, Jul 9, 2018 at 12:41 PM, C. L. Martinez <carlopmart at gmail.com>

> Hi all,
>  We have detected two Akamai headers that we can't to use them to trigger
> alerts: X-Real-IP and X-Real-Port (we are using Suricata 4.1-beta1).
>  X-Real-IP appears as a second or third field under XFF, but we can't
> catch them to trigger alerts.
>  Any idea how can we deal with this?
> Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180711/612e9739/attachment.html>

More information about the Oisf-users mailing list