custom rules for port 20015

lizardsquad · June 10, 2025, 8:28pm

Hello,

I’m using chatgpt to configure custom rules for port 20015. It suggested this rule, but it doesn’t work. Can anyone help me?

drop tcp any any → any 20015 (msg:“BLOCK: TCP 20015 > 40/s”;
rate_filter: track by_src, count 1, seconds 1, new_action drop, timeout 60, expire 300;
sid:1102001; rev:1;)

clocks-00-nix · June 24, 2025, 7:29pm

ChatGPT doesn’t seem to be aware of the correct Suricata rule syntax. You may want to try Claude instead: https://claude.ai/share/a3a03f84-2133-4f28-9a1b-3fb950b4190c