Hello,
I am currently thinking of deploying Suricata as an IPS solution that acts as a gateway between my network and the internet. I found the 2 modes af-packet and nfqueue, but I can’t understand well the big difference between them and which is better for this scenario.
Essentially with af-packet you have a bridge, with nfqueue you have a router.
1 Like