How to allow or any other speedtest link on Suricata

Hello Suricata guru,
I tried following but speedtest keep getting stuck

pass http $HOME_NET any → $EXTERNAL_NET 80 (; dotprefix; content:“”; endswith; msg:“Pass HTTP to”; sid:1162; rev:1;)
pass tls $HOME_NET any → $EXTERNAL_NET 443 (tls.sni; dotprefix; content:“”; endswith; msg:“Pass TLS to”; sid:1163; rev:1;)

Please provide more details, we don’t know what version you are using, what config, how you run Suricata (there are several IPS modes, since I assume you do IPS).

Sure, I am using Suricata on AWS network firewall. I want to limit traffic flowing from AWS network firewall and allow speedtest domain for testing.

You could ask the AWS support for help in that case.

As I said we would need more details about the actual Suricata version, config etc.
Also which block/drop signatures you use that might block the traffic regardless of your pass rule.