Hi everyone,
I’m setting up Suricata as an IPS using NFQUEUE in inline mode on Ubuntu, in transparent mode.
Here’s my current setup:
Modem<==> [ens33|ens34|Suricata|ens32]<==> LAN
- ens33 and ens32 have no IP addresses (transparent bridge mode).
- ens34 in suricata machine is used for remote SSH management.
I would appreciate it if someone could guide me through the necessary steps to configure Suricata IPS properly in this setup.
Thanks in advance!