Feature #781
closed
IDS using NFLOG iptables target
Added by Premysl Hruby about 11 years ago.
Updated almost 10 years ago.
Description
It would be super nice if Suricata would be able to process packets send from NFLOG iptables target.
Usecases:
- More complex filtering of trafic which should be checked by Suricata
- Using Suricata only on traffic which got ACCEPTed by iptables, no-one is interested about traffic he's droping on FW
- Assignee set to Anonymous
- Target version set to TBD
This would be a great ticket to get familiar with Suricata packet input module development.
The API is documented here Packet_Acquisition_API.
The procedure around community tasks is documented here: OISF_Community_Tasks
- Status changed from New to Assigned
- Assignee changed from Anonymous to Giuseppe Longo
- Target version changed from TBD to 3.0RC2
- Status changed from Assigned to Closed
- Target version changed from 3.0RC2 to 2.0.2
- % Done changed from 0 to 100
Also available in: Atom
PDF