Support #5148
closedIPS mode for Napatech Card
Description
Hi Team , Suricata only support napatech with IDS mode
and there is no other way around with napatech cards to make it run IPS mode
So I request you to add IPS functionality with napatech as napatech configuration in suricata.yaml allows inline option
in that way I can receive data from 1 port , drop alerts , and move data out from port 2.
Thanks
Updated by Victor Julien about 2 years ago
- Assignee changed from Jeff Lucovsky to Phil Young
- Priority changed from Urgent to Normal
The Napatech integration is maintained by Napatech, so please contact them to see if they are interested in addressing this.
Updated by Chatak Kumar about 2 years ago
Victor Julien wrote in #note-1:
The Napatech integration is maintained by Napatech, so please contact them to see if they are interested in addressing this.
Asked in their support , seems to inactive
Updated by Phil Young about 2 years ago
- Status changed from New to Resolved
- Assignee changed from Phil Young to Chatak Kumar
This functionality is already part of the Napatech Capture Method; and has been for some time. Please see the section on "Inline Operation" in https://github.com/OISF/suricata/blob/master/doc/userguide/capture-hardware/napatech.rst. If you need further support please send an e-mail to support@napatech.com and someone will help you with the configuration.
Updated by Chatak Kumar about 2 years ago
I hope you are talking about IPS mode , because suricata team member said it support only IDS or NSM
Updated by Victor Julien over 1 year ago
- Tracker changed from Feature to Support
- Status changed from Resolved to Closed
- Assignee deleted (
Chatak Kumar) - Target version deleted (
TBD)