OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of nwabytes »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - nwabytes

Pages: [1]
1
Intrusion Detection and Prevention / Help me understand suricata
« on: February 19, 2020, 07:00:45 pm »
Im coming from Pfsense, I really like everything i see with OPNSense. I have one issue and its suricata.
Ive tried bare metal and virtualization, I cant seem to get  it working.
Im use to seeing alerts and blocks. with OPNSense there never anything in alerts. ive read over the forums disabled the snort rules. Heres my logs as of now.

Code: [Select]
2020-02-19T11:42:52 suricata[4136]: [100381] <Notice> -- rule reload complete
2020-02-19T11:40:15 suricata[4136]: [100381] <Notice> -- rule reload starting
2020-02-19T11:40:15 suricata[4136]: [100381] <Notice> -- rule reload complete
2020-02-19T11:37:27 suricata[4136]: [100381] <Notice> -- rule reload starting
2020-02-19T11:37:27 suricata[4136]: [100381] <Notice> -- rule reload complete
2020-02-19T11:34:53 suricata[4136]: [100381] <Notice> -- rule reload starting
2020-02-19T11:33:15 suricata[4136]: [100381] <Notice> -- all 4 packet processing threads, 4 management threads initialized, engine started.
2020-02-19T11:31:35 suricata: [100381] <Warning> -- [ERRCODE: SC_WARN_DEFAULT_WILL_CHANGE(317)] - in 5.0 the default for decoder event stats will go from 'decoder.<proto>.<event>' to 'decoder.event.<proto>.<event>'. See ticket #2225. To suppress this message, set stats.decoder-events-prefix in the yaml.
2020-02-19T11:31:35 suricata: [100174] <Notice> -- This is Suricata version 4.1.6 RELEASE
2020-02-19T11:31:35 suricata[29109]: [100462] <Notice> -- Stats for 'vtnet0+': pkts: 0, drop: 0 (nan%), invalid chksum: 0
2020-02-19T11:31:35 suricata[29109]: [100462] <Notice> -- Stats for 'vtnet0': pkts: 0, drop: 0 (nan%), invalid chksum: 0
2020-02-19T11:31:34 suricata[29109]: [100462] <Notice> -- Signal Received. Stopping engine.
2020-02-19T11:31:34 suricata[29109]: [100462] <Notice> -- all 2 packet processing threads, 4 management threads initialized, engine started.
2020-02-19T11:30:23 suricata: [100462] <Warning> -- [ERRCODE: SC_WARN_DEFAULT_WILL_CHANGE(317)] - in 5.0 the default for decoder event stats will go from 'decoder.<proto>.<event>' to 'decoder.event.<proto>.<event>'. See ticket #2225. To suppress this message, set stats.decoder-events-prefix in the yaml.
2020-02-19T11:30:23 suricata: [100107] <Notice> -- This is Suricata version 4.1.6 RELEASE
2020-02-19T11:30:22 suricata[83230]: [100462] <Notice> -- Stats for 'vtnet1+': pkts: 1611, drop: 0 (0.00%), invalid chksum: 0
2020-02-19T11:30:22 suricata[83230]: [100462] <Notice> -- Stats for 'vtnet1': pkts: 2052, drop: 0 (0.00%), invalid chksum: 0
2020-02-19T11:30:22 suricata[83230]: [100462] <Notice> -- Signal Received. Stopping engine.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2