[Oisf-users] Suricata seperate Rx/Tx connection
mohammad kashif
kashif.alig at gmail.com
Wed Oct 30 12:13:49 UTC 2019
Hi
I am exploring Suricata as IDS for our 10Gbps setup. We are using Arista
switch as packet broker and mirroring Rx and Tx as Rx on two separate NIC
Ports on the server.
As suricata needs both side of flow to make sense of the traffic, what is
the best way to present this two separate ports as one to suricata?
Previously snort was running on the same setup and was using pfring and it
was running with option
-i eth0,eth1
Is that something similar in suricata or I am missing something obvious?
Regards
Kashif
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20191030/88e7974a/attachment.html>
More information about the Oisf-users
mailing list