Project

General

Custom queries

Profile

Actions
Copy link

Support #2998

closed

Rules Reload doesn't work properly

Added by Leonid Inodin almost 6 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Leonid Inodin
Affected Versions:
5.0.0
Label:

Description

I need to drop icmp traffic from 8.8.8.8 (for example). I have created my own rule file (this rules file name is added to the main config file) with 1 rule: drop icmp 8.8.8.8 any -> $HOME_NET any (msg:"Our Blocking Rule"; priority:1; sid:777;). When I use "kill -USR2 $(pidof suricata)", in suricata.log everything is ok. But ICMP with 8.8.8.8 seems not to be dropped. Why?

#2

Updated by Andreas Herz almost 6 years ago

  • Status changed from New to Feedback
  • Assignee set to Leonid Inodin
  • Target version set to TBD
#4

Updated by Andreas Herz over 5 years ago

  • Status changed from Feedback to Closed
#5

Updated by Victor Julien over 5 years ago

  • Tracker changed from Bug to Support
Actions
Copy link

Also available in: Atom PDF