Topic: IDS/IPS and passlists (Read 825 times)
curious
« on: August 02, 2023, 06:03:31 pm »
All,
Looking to get some initial understanding/validation - considering the move from another pf-based firewall to OPNsense due to a critical issue: the other platform has apparently stopped supporting passlists on "inline mode" interfaces for Suricata, thus preventing the ability to ensure that certain source/destinations pass without false positive blocking (review validates that the packets are not an issue), while still maintaining the ability to apply various rules to all other [arbitrary] destinations. The lesser of two evils appears to be allowing certain source/destinations so that various rules do not have to be disabled for all other sources/destinations. This shifts certain aspects from the firewall layer to the client layer, but maintains greater protection for all other source/destinations within the firewall.
Is someone able to confirm/deny whether passlists are viable on inline mode interfaces and whether those passlists can contain multiple [auto updated] URL/Table lists?
Thanks!