Hello, I’ve installed Suricata on a Win 10 virtual machine and it’s working normally as an IDS. But when I’m trying to run it as an IPS it’s not working; it just shows me an alert with:
09/24/2023-04:57:04.189898 [wDrop] [**] [1:123:1] hello Hasan [**] [Classification: (null)] [Priority: 3] {ICMP} 192.168.10.129:8 -> 8.8.8.8:0
And this is the rule:
Drop ICMP $HOME_NET any -> 8.8.8.8 any (msg:"hello Hasan"; sid:123; rev:1;)
After a lot of searching I found that I need to run WinDivert to be able to really drop the packets.
So can anyone help on how to install and work with WinDivert, because all the documents that I saw are not helping me.
Thanks in advance.