Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - Arien

Pages1
#1
Intrusion Detection and Prevention / Re: IPS PPPoE Interface
March 01, 2025, 11:38:48 AM
Quote from: yeraycito on December 13, 2024, 02:56:03 PMSuricata can function as an IPS with PPPoE without any problems, you just need to make a few modifications:

- Configure the WAN interface as none (IPv4 Configuration Type none)

- Add a new OPT interface with the PPPoE configuration just like it was a WAN PPPoE.

- Configure Suricata as IPS on WAN.

There's another action you should take with this scenario:
You have to manually add your public IP address to IDS (advanced mode) --> "Home Networks"

Almost in my case, there's a huge difference in triggered alerts, just try with and without it, and take a look in Alerts.
#2
23.1 Legacy Series / Re: [CALL FOR TESTING] Netmap generic mode queue stall fixes
May 14, 2023, 11:45:18 AM
Hi Franco.

Just a question related to netmap and his improvement.
Is anybody working to match netmap with PPPoE and trying to solve Suricata (netmap) IPS not working at all?

The way you told us "Zenarmor and OPNsense have been working with Klara to bring netmap improvements to FreeBSD" made me think its possible that someone is working on it.

https://forum.opnsense.org/index.php?topic=19740.msg92114#msg92114

Thanks for your time.
Cheers.
Pages1