Suricata
1. What is Suricata
2. Quickstart guide
3. Installation
4. Upgrading
5. Security Considerations
6. Support Status
7. Command Line Options
8. Suricata Rules
9. Rule Management
10. Making sense out of Alerts
11. Performance
12. Configuration
13. Reputation
14. Init Scripts
15. Setting up IPS/inline for Linux
16. Setting up IPS/inline for Windows
17. Output
18. Lua support
19. File Extraction
20. Public Data Sets
21. Using Capture Hardware
22. Interacting via Unix Socket
23. Plugins
24. Firewall Mode
24.1. Firewall Mode Design
24.2. Firewall Ruleset Examples
25. 3rd Party Integration
26. Man Pages
27. Acknowledgements
28. Licenses
29. Suricata Developer Guide
30. Verifying Suricata Source Distribution Files
31. Appendix
Suricata
24.
Firewall Mode
View page source
24.
Firewall Mode
24.1. Firewall Mode Design
24.1.1. Concepts
24.1.1.1. Tables
24.1.1.1.1. Packet layer tables
24.1.1.1.2. Application layer tables
24.1.1.2. Actions and Action Scopes
24.1.1.2.1. accept
24.1.1.2.2. drop
24.1.1.3. Explicit rule hook (states)
24.1.1.3.1. Packet layer hooks
24.1.1.3.2. Application layer hooks
24.1.1.3.2.1. general
24.1.1.3.2.2. http
24.1.1.3.2.3. tls
24.1.1.3.2.4. ssh
24.1.1.4. Firewall pipeline
24.1.1.5. Pass rules with Firewall mode
24.1.2. Firewall rules
24.2. Firewall Ruleset Examples
24.2.1. HTTP
24.2.2. TLS SNI with complex TCP rules