malinkinsa / docker-suricata

Suricata Docker Image

Does your dockerized suricata drop packets? #3

Closed sudmed closed 1 year ago

sudmed commented 1 year ago

Can it drop matching packets, or does it generate alarms only?

malinkinsa commented 1 year ago

Hello. The container build is equipped with support for NFQueue mode packet blocking. However, additional configurations are required to utilize it. In the documentation example, it is only used in IDS mode (Alerts only).
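
The following is an added example, not part of the thread and not the project's own configuration: a sketch of the host-side setup that Suricata's NFQUEUE (inline) mode generally needs, namely an iptables rule that hands packets to a queue and a Suricata process started with `-q` on the same queue number. Queue number 0, the FORWARD chain, the default config path and the helper function names are assumptions; how this image passes arguments to Suricata is not stated on the page.

```shell
#!/bin/sh
# Added example: helpers for Suricata NFQUEUE (IPS) mode. All names are hypothetical.
# Assumptions: queue 0, FORWARD chain, container has NET_ADMIN and can see the
# host's netfilter queue (for example by sharing the host network namespace).
QUEUE_NUM="${QUEUE_NUM:-0}"
CHAIN="${CHAIN:-FORWARD}"

# One rule spec shared by add/check/delete so the three always match.
# --queue-bypass makes the kernel accept packets when no program is bound to
# the queue (fail-open); leave it out if traffic must stop when Suricata is down.
nfq_rule_spec() {
    printf '%s -j NFQUEUE --queue-num %s --queue-bypass' "$CHAIN" "$QUEUE_NUM"
}

# Dry run by default: print the command. Execute only when APPLY=1 (needs root).
run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else printf '%s\n' "$*"; fi
}

nfq_enable() {
    # iptables -C tests for an identical rule, so re-running adds no duplicate.
    # $(nfq_rule_spec) is left unquoted on purpose so it splits into arguments.
    if [ "${APPLY:-0}" = "1" ] && iptables -C $(nfq_rule_spec) 2>/dev/null; then
        return 0
    fi
    run iptables -I $(nfq_rule_spec)
}

nfq_disable() {
    run iptables -D $(nfq_rule_spec)
}

# Suricata command line for inline mode: -q binds it to the NFQUEUE number.
# Only rules whose action is "drop" block traffic; "alert" rules still only alert.
suricata_cmd() {
    printf 'suricata -c /etc/suricata/suricata.yaml -q %s' "$QUEUE_NUM"
}

case "${1:-}" in
    enable)  nfq_enable ;;
    disable) nfq_disable ;;
    cmd)     suricata_cmd; echo ;;
esac
```

Run with `enable` to preview the rule, and with `APPLY=1` as root to install it; remove the rule with `disable` before stopping Suricata if `--queue-bypass` was omitted.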