I have enabled IPS Mode, and I see Alerts for OPN_Social_Media - Facebook - DNS request for facebook.com from my DNS server to quad9 (9.9.9.9 and 9.9.9.10), but facebook is still loading. It's not blocking the request and I'm still able to load the page.
I am testing the social_media rule to determine if IPS is working before configuring everything else. But it's not. Also, I've tried multiple configs, but it seems flaky because I add LAN to interfaces and include local scope in Home Networks, yet I'm not seeing the activity on my admin computer address reliably. Please help me troubleshoot what I have set incorrectly.
Please disregard. I have found that using a different browser and restarting the OPNSense firewall was what was needed.
It shouldnt be necessary to reboot a firewall to get results.
Yepp, no reboot required. Or did you forget to press "Apply"?
Which browser doesn't work?