OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • Intrusion Detection and Prevention »
  • IDS Rulesets Per Interface/VLANS
« previous next »
  • Print
Pages: [1]

Author Topic: IDS Rulesets Per Interface/VLANS  (Read 1979 times)

PeeWeeHerman

  • Newbie
  • *
  • Posts: 4
  • Karma: 0
    • View Profile
IDS Rulesets Per Interface/VLANS
« on: April 29, 2021, 12:26:46 pm »
Hi,

Is it possible to enable different rulesets/rules to different interfaces and specifically VLANS.

Some Examples:

Work VLAN: Company is using zscaler, etc for networking and IDS is going crazy trying to analyse that traffic. I want to disable some rules.

Personal VLAN: I want a few more rules enabled but nothing crazy.

Kids VLAN: This is for computer literate and inquisitive teenagers. I want everything enabled including the kitchen sink.

Thanks
Logged

errored out

  • Full Member
  • ***
  • Posts: 171
  • Karma: 3
    • View Profile
Re: IDS Rulesets Per Interface/VLANS
« Reply #1 on: April 30, 2021, 05:07:13 am »
This is not possible as suricata operates with netmap framework.  Meaning, prior to when VLAN's are processed.
« Last Edit: April 30, 2021, 06:27:32 am by errored out »
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • Intrusion Detection and Prevention »
  • IDS Rulesets Per Interface/VLANS
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2