In order to "monitor" traffic passing through the WG0 interface, this needs to be added to the Suricata configuration file (/run/ips/config/iface.yaml) and the Suricata process requires reload. This file is often rewritten by the UTM process :-(
Any idea for an elegant way to monitor changes in order to make sure the aforementioned file is always proper?
In order to "monitor" traffic passing through the WG0 interface, this needs to be added to the Suricata configuration file (
/run/ips/config/iface.yaml) and the Suricata process requires reload. This file is often rewritten by the UTM process :-( Any idea for an elegant way to monitor changes in order to make sure the aforementioned file is always proper?TIA