services.suricata.settings.host-mode

If the Suricata box is a router for the sniffed networks, set it to 'router'. If it is a pure sniffing setup, set it to 'sniffer-only'. If set to auto, the variable is internally switched to 'router' in IPS mode and 'sniffer-only' in IDS mode. This feature is currently only used by the reject* keywords.

Type

one of "router", "sniffer-only", "auto"

Default

"auto"

Declared

<nixpkgs/nixos/modules/services/networking/suricata/default.nix>