OPNsense Forum
English Forums => Intrusion Detection and Prevention => Topic started by: kapara on November 25, 2018, 12:28:51 am
-
Will rules enabling certain IP's through the firewall override rules from Suricata or will Suricata still block the traffic if set to block and the firewall has an allow for the same IP that Suricata might block based on the rule analysis?
-
The traffic hits Suricata first, when a packet is dropped there it won't reach anything else.
-
Then a VNC connection could be dropped because suricata think is hacker connection not me?
thanks