Feature #390

closed

Suricata support for Packetfence

Added by Lambert Osas almost 13 years ago. Updated almost 13 years ago.

Status: Closed
Priority: High
Assignee: -
Target version: -
Effort:
Difficulty:
Label:

Description

Hi,

I was curious if there is any ongoing work to make Suricata work with Packetfence. Packetfence officially supports Snort and it would be nice if Suricata can support Packetfence too.

Actions #1

Updated by Peter Manev almost 13 years ago

Hi,
I think this would be very nice.
What exactly do we need to do? - "it would be nice if Suricata can support Packetfence too." - what do we need to do?

Thank you

Actions #2

Updated by Lambert Osas almost 13 years ago

Yes, I just figured out that since Packetfence is a powerful NAC, this combined with Suricata would really be impressive.

Actions #3

Updated by Lambert Osas almost 13 years ago

Just an update:

I intentionally reduced the IP rules to 101 and to my surprise ALL rules were loaded without any errors.

Actions #4

Updated by Lambert Osas almost 13 years ago

Sorry, the above update is for another issue. Please ignore it.

Actions #5

Updated by Victor Julien almost 13 years ago

Some work has been done by the Packetfence project here: http://mtn.inverse.ca/branch/changes/org.packetfence.feature.suricata

Also, issue #250 was opened with Packetfence in mind. This issue should be resolved soon, so hopefully this will lead to some easier integration!

Actions #6

Updated by Olivier Bilodeau almost 13 years ago

The branch mentioned by Victor should be merged in our core pretty soon. Expect Suricata support in PacketFence soon.

For those interested, this is tracked in our issue tracker here: http://www.packetfence.org/bugs/view.php?id=1141

Actions #7

Updated by Victor Julien almost 13 years ago

This made me smile: "Suricata is another SNORT-like IDS coded in Python." Python, yeah right! :-D

Actions #8

Updated by Victor Julien almost 13 years ago

  • Status changed from New to Closed

Looks like this will soon be addressed by the PacketFence project. Closing this ticket.
