Since I enabled ids/ips the traffic on the interfaces chosen is no longer graphing on the netflow traffic graph.
Any way to have both ids/ips and graphing?
OPNsense 20.7.2
Suricata 5.0.3 running in system mode
Hello,
Have you tried to configure Suricata for both IPS and IDS on a different set of network ports?
Here's the topic on the suricata forum:
https://forum.suricata.io/t/suricata-configuration-for-ips-and-ids-mode/173
Btw, I also used Bro (Zeek) and then Snort a couple of months ago.
I upgraded Suricata to 20.7 and received an error message: Error re configuring the IDS : Error (99). It was related to the Netmap issues, as it turned out.
Quote from: TomK on September 03, 2020, 02:36:50 AM
Since I enabled ids/ips the traffic on the interfaces chosen is no longer graphing on the netflow traffic graph.
Any way to have both ids/ips and graphing?
OPNsense 20.7.2
Suricata 5.0.3 running in system mode
Known issue since 20.7, it only works on interfaces without netmap (Sensei, Suricata)
Quote from: mimugmail on November 27, 2020, 08:50:19 AM
Quote from: TomK on September 03, 2020, 02:36:50 AM
Since I enabled ids/ips the traffic on the interfaces chosen is no longer graphing on the netflow traffic graph.
Any way to have both ids/ips and graphing?
OPNsense 20.7.2
Suricata 5.0.3 running in system mode
Known issue since 20.7, it only works on interfaces without netmap (Sensei, Suricata)
Is this a bug in OPNsense, or somewhere else? Is it something that can be fixed?
It's not a bug, it's a known issue.
Quote from: mimugmail on December 11, 2020, 05:21:02 PM
It's not a bug, it's a known issue.
Does this mean it will get fixed in the future?
Is there a workaround?
Workaround is to disable IPS/Sensei on the interface where you want to catch graphs, like switching from WAN to LAN.
There may be a fix out one day, but no one is working on it at high pressure.
Shame ... it is a problem for me ....