Suricata is not fully reading or loading the iprep files
I have been trying to use Suricata as IPS. I decided to use L2 approaching with AFP. My goal is to use IP Reputation mechanism to block lot of IPs from different blacklists.
I managed to configure everything and I could confirm iprep works like charm with a small custom iprep list, but it looks like the same mechanism fails when the list grows large or there are many reputation lists to load. After some tests it looks like Suricata is not fully reading the iprep files, or that there is a limit to the number of lines it can read/load.
Please check more details in the following posts:
If there is a way to easily fix this issue or if you need more details, please let me know.
Updated by Victor Julien over 1 year ago
- Status changed from Assigned to Closed
- Assignee changed from Shivani Bhardwaj to Victor Julien