Suricata Schaubild
Zur Navigation springen
Zur Suche springen
Ohne IDS/IPS
Mit IDS/IPS
![Bearbeiten](javascript:editDrawio("1283903737", "ids.drawio.png", "png", false, false, false, true, "https://embed.diagrams.net")){kind=link}
![Bearbeiten](javascript:editDrawio("1617199563", "ids-1.drawio.png", "png", false, false, false, true, "https://embed.diagrams.net")){kind=link}
Änderungen
Firewall
- enp0s8 172.31.31.1/24
- ip route add 10.0.101.0/24 via 172.31.31.2
- iptables -A FORWARD -s 172.31.31.2/24 -i $DMZDEV -o $WANDEV -m state --state NEW -j ACCEPT
- iptables -t nat POSTROUTING -s 172.31.31.2/24 -o $WANDEV -j MASQUERADE
IDS/IPS
- enp0s3 172.31.31.2/24
- enp0s8 10.0.101.1/24
- sysctl -w net.ipv4.ip_forward=1
- ip route add default via 172.31.31.1