Suricata DRP rules.

[suri cata]

Hello everyone,

A question about Suricata.

If I create a DROP rule, for how long does Suricata block a connection?

Greetings

[Peter Manev]

Hi,

Depends on what IPS mode you have set up
https://docs.suricata.io/en/suricata-6.0.13/setting-up-ipsinline-for-linux.html
This one here is specific for af-packet -
https://docs.suricata.io/en/suricata-6.0.13/setting-up-ipsinline-for-linux.html#af-packet-ips-mode

Thanks

> --
> Discord: Let's talk about SELKS on
> https://discord.com/channels/911231224448712714/911238451842666546
> Wiki: https://github.com/StamusNetworks/SELKS/wiki
> GitHub: https://github.com/StamusNetworks/SELKS
> Blog: https://www.stamus-networks.com/blog
> Twitter: @StamusN
> ---
> You received this message because you are subscribed to the Google Groups "SELKS" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to selks+un...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/selks/15bfa375-f169-4533-9776-8b3817c54024n%40googlegroups.com.



--
Regards,
Peter Manev

[suri cata]

Hí, Peter

Thanks