Still thinking about mirroring my DSL traffic to Suricata.
But I might need some redesign first, as my fritzbox is serving Wifi users directly without the chance to mirror the traffic before it goes to the internal DSL modem.
Need to split up the modem/routing from the routing/wifi part.
Draytek Vigor in front of the fritzbox would be an idea, or lose the fritzbox completely, as vigor could do all by itself I guess.
Otherwise sending all the traffic to pfSense would also be nice…
…I can’t decide right now.
So much options so less time.