OPNsense Forum
English Forums => Intrusion Detection and Prevention => Topic started by: Pocket_Sevens on June 03, 2022, 03:43:49 pm
-
Hello and I apologize if this is a noob question.
I've just done a fresh install of 21.7.8 and reconfiguring from scratch. As this is a brand new configuration, I'm using both IPv4 and IPv6 for my DHCP addresses. I can see both a IPv4 and IPv6 address on my WAN and for my IPv6 compatible devices.
So, I'm setting up Suricata with a simple rule to block Tor (ET open/tor ruleset) and set it to Drop in my policy. However, it doesn't appear that the rule is actually working. In my previous config, I only used IPv4 in my setup for DHCP leases and the rule would work. My concern is that, if I add additional rules, they wouldn't be dropped either.
What am I missing in my IPv6 setup for Suricata? I'm completely new to IPv6 and am still trying to understand how the numbering convention/subnets/prefixes/etc. works.
Thanks in advance.
-
Just as an update: I ended up installing Zenarmor and it works for both IPv4 and IPv6. It gives me exactly what I'm looking for. :)