Messages - ToFu

#1
Hi Brainleg,

I agree with annoniempjuh.

It's better to send it back.

To block this device from communicating with the internet does not make sense.
From time to time you will need security/firmware updates too.
#2
I thought that was just an extension for the config. Not overriding :)

Thanks for your reply.
#3
Where can I find this file?

I have only found /usr/local/etc/suricata/custom.yaml.

But this seems not to be the right file.
#5
General Discussion / Re: Log only rule
July 02, 2021, 09:43:21 AM
Hi Franco,

thx.

I understand, there is no solution possible for my special task.
So I have to look for another way of log analysis.

Thank you.
#6
Hello everybody,

In the last few days I configured my data share via SMB.
The goal was that my AppleTV can get data from another VLAN.
It needed almost a minute to show the index of the SMB share, another one for the next subdir and so on ...

The only way to solve it was to turn off Suricata for these VLANs.
No log alerts or anything else.

Does anyone know about this?

Thanks in advance
#7
General Discussion / Re: Log only rule
July 02, 2021, 09:10:05 AM
Hi Franco,

First, thanks for your fast answer.

How do these alias statistics work?
Can I track anything about these IP subnets (alias), even if the alias is not used in any firewall rule?

I cannot find anything about the statistics in the alias section of the manual.

I have some firewall rules to allow only specific ports to the outside.
If I pass all ports to this alias only to get the logs, that's not target oriented.

Thanks in advance
#8
General Discussion / Re: Log only rule
July 02, 2021, 08:09:29 AM
Hi all,

I have the same problem and cannot find a suitable solution.

I only want to look at some IP subnets: what comes in or goes out.
No blocking, only viewing.

The logfile evaluation is actually being done with Grafana/Loki.

Possible solutions for me could be:
1. log only rule in OPNsense
2. filter by IP subnets in a Grafana/Loki combination

Both should not work at this moment.

Any ideas?
Thanks in advance. :)