Hello certified noobie here. What rules do yall use on opnsense ids ips? I also use nat so should i have lan selected as an interface except for wan too?
Honestly I've did try IPs/ids out... in my case on lan....
I did also create policies and look at which rules to report on vs block.
but ultimately decided to just use quad9 dns.
It's a different more limited protection but much lighter, and I couldn't face endless hours of tweaking IPS rules
I also explored other dns servers and I've use and pay for controld on mobile but I think the quad9 blocks are better quality
Sent from my iPhone using Tapatalk