Hi,

On Wed, Mar 04, 2015 at 10:41:57PM +0300, Denis Lapshin wrote:
> Just have read about Snort and Suricata engines. The second one looks more
> productive in DPI task because of utilizing multi-thread algorithms.

Yes, Suricata is now a better solution than Snort to do packet filtering / packet inspection.

> Could you explain a bit more about "divert" with Suricata to make an inline
> DPI engine.

You could read this blog post about OpenBSD divert to do Packet Inspection / DPI:
http://blog.rootshell.be/2010/07/12/packet-inspection-using-divert-sockets/

++
Foxy
