OPNsense Forum

Archive => 15.7 Legacy Series => Topic started by: smajor on July 31, 2015, 11:17:29 pm

Title: IDS Auto-block
Post by: smajor on July 31, 2015, 11:17:29 pm
Is it (or will it be) possible to auto-block external addresses that are located by the IDS and Suricata rules?

The alerts are fantastic for tracking down a misbehaving host. It isn't always possible to 1) get to it right away and 2) monitor threats realtime.

Or does it already do this and I'm not seeing a setting or understanding that enabling will do this.

Thank you as always.
Title: Re: IDS Auto-block
Post by: AdSchellevis on July 31, 2015, 11:22:48 pm
Currently it's not possible, the ips part is still on the todo list and will come available later on.