Hi everyone,
I’m currently exploring Suricata in DPDK mode and wanted to ask whether it supports Layer 3 in-line configurations similar to what is described in the documentation for standard Linux deployments using iptables or nftables:
- 15. Setting up IPS/inline for Linux — Suricata 8.0.0-rc1-dev documentation
- 15. Setting up IPS/inline for Linux — Suricata 8.0.0-rc1-dev documentation
Specifically, is there support in DPDK mode for setting up in-line IPS at L3, or is it limited to L2 (Ethernet bridging) mode only?
If this is not currently supported, are there any plans to implement L3 in-line functionality for DPDK mode in future releases?
Another reason for asking this has to do with public cloud platforms were L2 in-line is not possible
Thanks in advance!