Show Posts
1
24.1 Legacy Series / Re: 24.1 IDS breaks internet
« on: January 31, 2024, 07:34:38 am »
I've tried the solution mentioned in this thread, this doesn't resolve the issue.
Only working solution is to disable IPS option, Intrustion detection can remain Enabled (basically you know if something got in, but you didn't block it)
Tried the following without luck
- ET removal = nok
- removing all rules = nok
- reinstalling suricata = nok
- delayed start = nok
- removed internet WAN from blocking = nok (so IPS was only working on server WAN ip, all client internet traffic was unblocked/monitored)
- the fix mentioned in this thread
a hotfix with a downgrade, back to Suricata 6 seems the way to go.
Go TEAM OPNsense!
Only working solution is to disable IPS option, Intrustion detection can remain Enabled (basically you know if something got in, but you didn't block it)
Tried the following without luck
- ET removal = nok
- removing all rules = nok
- reinstalling suricata = nok
- delayed start = nok
- removed internet WAN from blocking = nok (so IPS was only working on server WAN ip, all client internet traffic was unblocked/monitored)
- the fix mentioned in this thread
a hotfix with a downgrade, back to Suricata 6 seems the way to go.
Go TEAM OPNsense!