[Oisf-users] Suricata + Netmap IPS - kernel drop packets
Victor Julien
lists at inliniac.net
Thu Mar 1 13:13:28 UTC 2018
On 15-02-18 10:55, Vincent wrote:
> I want to suricata to perform a first filter and return traffic to the
> kernel to process it with iptables
The netmap IPS mode is designed to use 2 interfaces. A single interface
setup is not supported.
For this scenario I would suggest looking at using NFQ instead, as it
integrates nicely with iptables.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list