OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: simiki on September 08, 2021, 12:38:31 pm

Title: Suricata and time-out blocked ips and other questions
Post by: simiki on September 08, 2021, 12:38:31 pm

Good morning,

   Before we start let me say that I love opnSense. Its interface is easy to use and it has many interesting packages: HaProxy, Let's encrypt, Monit, Postfix, Telegraf and so on.

   A couple of questions regarding Suricata:

    1- How can I know the IPS that have been blocked?
    2- Can I create a white-list of ips?
    3- is it possible create a time-out for blocked ips?


Thank you very much for your excellent work.

Simiki

Title: Re: Suricata and time-out blocked ips and other questions
Post by: simiki on September 24, 2021, 09:55:23 pm

Hi again!

 Is it possible or no?

Thanks

Title: Re: Suricata and time-out blocked ips and other questions
Post by: XeroX on September 28, 2021, 07:09:19 pm

1) Check Rules and Policy Tab
2) Its called passlist.
3) Not out of the box. Whats the requirement here?