Yes I can provide a header with the “original” src->dst but I want to be able to have Suricata output it as part of the alert payload, is that possible ?
Yes I can provide a header with the “original” src->dst but I want to be able to have Suricata output it as part of the alert payload, is that possible ?