[Oisf-users] Suricata NFQ in PREROUTING chain
Andreas Herz
aherz at oisf.net
Mon May 27 20:42:17 UTC 2019
Hi,
On 27/05/19 at 14:23, Pavel Stepanov wrote:
> Hi all!
> I am testing IPS mode and discovered an issue:
> Suricata can not detect TLS and HTTP in PREROUTING chain in mangle table. In
> FORWARD chain all works as expected.
> But I want to use PREROUTING because I need suricata's nfq marks _before_
> routing decision in kernel.
Can you share us more details about your setup and how you did configure
this?
--
Andreas Herz
More information about the Oisf-users
mailing list