MyNixOS website logo
option

services.suricata.settings.host-mode

If the Suricata box is a router for the sniffed networks, set it to 'router'. If it is a pure sniffing setup, set it to 'sniffer-only'. If set to auto, the variable is internally switched to 'router' in IPS mode and 'sniffer-only' in IDS mode. This feature is currently only used by the reject* keywords.

Declarations
Type
one of "router", "sniffer-only", "auto"
Default
"auto"