Messages

1

Intrusion Detection and Prevention / Re: Intrusion detection no showing alerts

« on: May 07, 2019, 07:00:52 pm »

I will put it in a test network to validate the installation.
Thank you very much for the help

2

Intrusion Detection and Prevention / Re: Intrusion detection no showing alerts

« on: May 07, 2019, 06:43:37 pm »

Yes, I downloaded all the rules and enabled them

3

Intrusion Detection and Prevention / Intrusion detection no showing alerts

« on: May 07, 2019, 06:19:31 pm »

Hi all
I activate Intrusion Detection, but I do not see alerts.

OPNsense 19.1.7-amd64
suricata 4.1.4

my config:
 Enabled [X]
 IPS mode  [ ]
 Promiscuous mode [X]

 Pattern matcher  Hyperscan

 Interfaces  [WAN]


the only thing I see in the log is this warning:

OPNsense meerkat: [101053] <Warning> - [ERRCODE: SC_WARN_DEFAULT_WILL_CHANGE (317)] - in 5.0 the default for decoder event stats will go from 'decoder. <Proto>. <Event>' to 'decoder.event. <Proto >. <event> '. See ticket # 2225. To suppress this message, set stats.decoder-events-prefix in the yaml.

Can you help me please?

4

19.1 Legacy Series / Re: Services and memory

« on: May 02, 2019, 08:18:07 pm »

1.- open a ssh terminal
2.- enter this command top -o res

5

19.1 Legacy Series / Re: Multiple Public IPs

« on: May 02, 2019, 07:35:53 pm »

you can use "Virtual IPs".....

or if you just need nat for http port, you can use one ip and configurate your web server with virtual host.