Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
What order are rules processed when using IDS?
« previous
next »
Print
Pages: [
1
]
Author
Topic: What order are rules processed when using IDS? (Read 1932 times)
allebone
Sr. Member
Posts: 402
Karma: 34
What order are rules processed when using IDS?
«
on:
July 20, 2020, 02:51:26 pm »
When using Intrusion Detection, what rules are processed first?
I have normal Firewall rules I would like processed before IDS is processed. Is this the default, or if not, how can I ensure my own rules are processed prior to IDS rules being processed?
Kind regards
Pete
Logged
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: What order are rules processed when using IDS?
«
Reply #1 on:
July 20, 2020, 03:01:24 pm »
No, first there is Suricata, then cames the Firewall. You can only flip if you let it listen to LAN instead of WAN
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
allebone
Sr. Member
Posts: 402
Karma: 34
Re: What order are rules processed when using IDS?
«
Reply #2 on:
July 20, 2020, 03:16:01 pm »
Hmm, that is disappointing. Thanks for clarifying.
Logged
mimugmail
Hero Member
Posts: 6767
Karma: 494
Re: What order are rules processed when using IDS?
«
Reply #3 on:
July 20, 2020, 03:25:40 pm »
IPS/netmap listens in the NIC while pf rules are processed in kernel.
It's the same as with Linux/iptables ...
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
What order are rules processed when using IDS?
