Hi everyone.
I installed suricat 7.0.5 on debian 12 and configured NFQ mode.
But I don’t understand why iptables doesn’t block ip addresses from the fast.log list.
Please help me
How do you assume it is not blocked? Provide more details for the connections that you see being dropped on Suricata side but actually being working.
Ideally some eve.json output and how does the OUTPUT and FORWARD chain look like?