Topic: Problem with "Intrusion Detection" and a Bridge. (Read 4372 times)
Kuzunkhaa, August 02, 2016, 10:25:12 am
Hello,
The interfaces of my OPNsense are configured with one NIC for internet connectivity through PPPoE and 3 NICs together in a bridge, so my configuration is:
WAN -> PPPoE
LAN -> Bridge0
OPT1 -> No IP (member of Bridge0)
OPT2 -> No IP (member of Bridge0)
OPT3 -> No IP (member of Bridge0)
I have a problem configuring the Intrusion Detection service on the bridge. When I insert one member of Bridge0 into the interface list, it becomes impossible to connect through that port to OPNsense. When I insert LAN into the interfaces, however, it doesn't seem to block anything.
What do I have to do to enable Intrusion Detection on the members of Bridge0?
Thanks
franco (Administrator), Reply #1, August 03, 2016, 01:09:43 pm
Are we talking about IDS with IPS mode? What OPNsense version are you on and what is your network card driver?
Ideally, IPS on a number of OPTX should work, but for the bridged LAN there is no guarantee this will work due to the plumbing of the operating system itself.
Then again, running IPS on a lot of internal traffic may not be worth it. The normal use case is to set WAN and Promisc mode for your PPPoE. There may be another issue with PPPoE parsing at the moment in Suricata, but I can't keep all of the current idiosyncrasies together anymore.
So to reiterate: LAN port bridge not working is expected, OPTX not working could be a current bug with 16.7.
Cheers,
Franco