Suricata
22. IPS Mode
22.1. IPS Concept
22.1.1. Differences from the passive IDS mode
22.1.1.1. TCP stream engine
22.1.1.2. http body inspection
22.1.1.3. file.data
22.1.2. Exception Policies
22.1.3. Differences from Firewall Mode
22.2. Setting up IPS/inline for Linux
22.2.1. Setting up IPS with Netfilter
22.2.1.1. Iptables configuration
22.2.1.2. NFtables configuration
22.2.1.3. NFQUEUE advanced options
22.2.2. Setting up IPS at Layer 2
22.2.2.1. AF_PACKET IPS mode
22.2.2.2. DPDK IPS mode
22.2.2.3. Netmap IPS mode
22.2.2.3.1. Netmap Host Stack Mode
22.3. Setting up IPS/inline for Windows