OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: liver007 on August 07, 2019, 10:47:32 am

Title: Making an inline Suricata box using OPNsense
Post by: liver007 on August 07, 2019, 10:47:32 am

HI
I'm looking to make an inline Suricata box to intercept certain applications. I need DPI to detect certain applications (i.e. unauthorized VPN traffic) and block it. The box needs to be inline and receive its LAN IP address from the DCHP server.

I have been looking at OPNsense (as opposed to Security Onion) to do this project quickly but got lost in the configurations. Is there a knowledgebase article to setup OPNsense in bridge mode to transparently pass through traffic with Suricata IPS active?

Title: Re: Making an inline Suricata box using OPNsense
Post by: spetrillo on August 30, 2019, 11:36:19 pm

Does this help??

https://azizozbek.ch/blog/2018/08/opnsense-bridge-firewall/ & https://azizozbek.ch/blog/2019/02/install-suricata-opnsense/