Project

General

Profile

Actions

Support #2642

closed

ignoring/drop GRE or MPLS protole into Suricata IDS

Added by lolilol party about 6 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Affected Versions:
Label:

Description

Hello,

I have installed suricata IDS in my compute.

The probe works well with init.d (/ usr / bin / suricata -c /etc/suricata/suricata.yaml --pidfile /var/run/suricata.pid --af-packet -D -vvv) which will read the multiple interfaces defined in the `af-packet` section in the /etc/suricata/suricata.yaml file

but, I have to filter some low-level protocol, like the GRE protocol or the MLPS over UDP, and that I can not.

I did multiple tests but I did not succeed

Actions

Also available in: Atom PDF