Suricata

When libnet is used to send a reject message, there is currently no choosen interface. In sniffing mode, this result on the packet being sent to the routing interface which is not the attended behavior.

A fix is to add a suri-is-router YAML variable. If set to yes, then we keep the system unchanged. If set to no, then we sent the RST packet on the interface the packet comes from. If set to auto (default) we are setting internally the variable to yes in IPS mode and no in IDS mode.