4. Suricata inline mode mark packet and process it with firewall rule??

Suricata inline mode mark packet and process it with firewall rule??

  • H

    I would like to do some policy routing base on contents of a packet, but the firewall rule does not have complex dpi function i.e. deep packet inspection. I had a try with suricata, and it could perfectly inspect the packet by creating my custom rules. But it only allows me to drop the packet. I wonder if it can somehow tag the packet; and later, there could be some firewall rules to process these packet with certain tags.

    0
  • H

    I've searched the "whole" internet for days, but I haven't notice anything on this topic. Would someone please help me?

    0

  • What you want to do is not currently possible with either Suricata or Snort on pfSense.  The firewall and the IDS/IPS do not cooperate with other at that level.

    Bill

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy