Redirect traffic based on rules

Hi everyone,

I’d like to pass inbound traffic which matches a rule out on one interface, and pass all (non-matching) other traffic on another.

How would you do this?

Thank you!

I think currently the only way to do this is by using NFQ and setting NFQ marks from the Suricata rules. In your iptables/nftables you can then use these marks.
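The NFQ-mark approach from the reply above, sketched as an added example that is not part of the original thread: a Suricata rule sets a mark with `nfq_set_mark`, nftables queues packets in prerouting so the mark is present before the routing lookup, and a policy-routing rule sends marked packets out the alternate interface. The interface name, gateway, table number, mark value, sid and the rule's header match are assumptions to replace with your own.

```shell
#!/bin/sh
# Added example: all values below are assumptions, not taken from the thread.
MARK=0x1          # mark (and mask) Suricata sets on matching packets
QUEUE=0           # NFQUEUE number; start Suricata with: suricata -q 0
ALT_IF=eth2       # hypothetical egress interface for matching traffic
ALT_GW=192.0.2.1  # hypothetical next hop reachable via ALT_IF
ALT_TABLE=100     # routing table consulted only for marked packets

# Suricata rule: nfq_set_mark:<mark>/<mask> is returned with the NFQ verdict.
# The tcp/8443 match is a placeholder for the real detection logic.
suricata_rule() {
  printf 'alert tcp any any -> any 8443 (msg:"route via %s"; ' "$ALT_IF"
  printf 'nfq_set_mark:%s/%s; sid:1000001; rev:1;)\n' "$MARK" "$MARK"
}

# nftables: queue in prerouting, i.e. before the kernel picks a route,
# so the mark set by the verdict can influence the routing decision.
nft_ruleset() {
  cat <<EOF
table inet suri_route {
  chain pre {
    type filter hook prerouting priority mangle; policy accept;
    queue num $QUEUE
  }
}
EOF
}

# Policy routing: marked packets use ALT_TABLE, everything else the main table.
policy_routing() {
  echo "ip rule add fwmark $MARK/$MARK lookup $ALT_TABLE"
  echo "ip route add default via $ALT_GW dev $ALT_IF table $ALT_TABLE"
}

# "apply" (as root) loads the ruleset and routes, then prints the rule
# to add to your Suricata rule file. Without it nothing is changed.
if [ "${1:-}" = apply ]; then
  nft_ruleset | nft -f -
  policy_routing | sh -e
  suricata_rule
fi
```

Without the `bypass` queue flag, packets hitting the queue are dropped whenever Suricata is not attached to it, so start Suricata before loading the ruleset.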