OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: umar on December 08, 2018, 07:37:51 am

Title: In transparent bridge mode, can IPS be enabled on bridge interface
Post by: umar on December 08, 2018, 07:37:51 am

Dear friends
I want to configure OPNsense in Transparent Bridge mode for not changing my other network related settings in my information systems. i want to ask if i can use intrusion protection in it, as i saw " use physical interface only" but in transparent mode, i think there is no filtering being performed on physical interface.

Clarification in this regard is required.
Regards

Title: Re: In transparent bridge mode, can IPS be enabled on bridge interface
Post by: sdnavarro on December 11, 2018, 01:08:51 pm

Hello
I have a computer with a transparent bridge configured, the ids filters the LAN and WAN gate, the Pattern matcher is aho-Corasick

Title: Re: In transparent bridge mode, can IPS be enabled on bridge interface
Post by: umar on January 08, 2019, 08:01:40 am

Thank you for your reply, i m a bit confused here, if i follow the transparent bridge document it says that filteration will ONLY be performed on bridge interface. I have also tunned sysctl.conf perimeters in system/tunnable like wise. If i go to configure IDS, it says use physical interface......

==============
Should i keep/choose the bridge interface for IDS ( or later IPS) implementation?