Feature #390
closedSuricata support for Packetfence
Description
Hi,
I was curious if there is any ongoing work to make Suricata work with Packetfence. Packetfence officially supports Snort and it would be nice if Suricata can support Packetfence too.
Updated by Peter Manev about 13 years ago
Hi,
I think this would be very nice.
What exactly do we need to do? - "it would be nice if Suricata can support Packetfence too." - what do we need to do?
Thank you
Updated by Lambert Osas almost 13 years ago
Yes, I just figured out that since Packetfence is a powerful NAC, this combined with suricata would really be impressive.
Updated by Lambert Osas almost 13 years ago
Just an update:
I intentionally reduced the IP rules to 101 and to my surprise ALL rules were loaded without any errors.
Updated by Lambert Osas almost 13 years ago
Sorry, the above update is for another issue. Please ignore it.
Updated by Victor Julien almost 13 years ago
Some work has been done by the Packetfence project here: http://mtn.inverse.ca/branch/changes/org.packetfence.feature.suricata
Also, issue #250 was opened with Packetfence in mind. This issue should be resolved soon, so hopefully this will lead to some easier integration!
Updated by Olivier Bilodeau almost 13 years ago
The branch mentioned by Victor should be merged in our core pretty soon. Expect Surricata support in PacketFence soon.
For those interested, this is tracked in our issue tracker here: http://www.packetfence.org/bugs/view.php?id=1141
Updated by Victor Julien almost 13 years ago
This made me smile: "Suricata is another SNORT-like IDS coded in Python." Python, yeah right! :-D
Updated by Victor Julien almost 13 years ago
- Status changed from New to Closed
Looks like this will soon be addressed by the PacketFence project. Closing this ticket.