OPNsense Forum
Archive => 17.7 Legacy Series => Topic started by: dragon2611 on October 30, 2017, 02:34:06 pm
-
Given Suricata tends not to play nice with virtIO nics and tends to be CPU heavy is there a way to use the HTTP/HTTPs threat rules with HAproxy instead?
Would be nice if possible as it's already acting as the front-end load balancer/proxy and decoding any incoming https ;)
-
Hi dragon,
I think somebody wanted to work on an Nginx/NAXSI plugin in the upcoming months:
https://github.com/nbs-system/naxsi
Cheers,
Franco