Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
21.7 fresh Install, cannot get suricata to notify and or block
« previous
next »
Print
Pages: [
1
]
Author
Topic: 21.7 fresh Install, cannot get suricata to notify and or block (Read 2503 times)
crissi
Full Member
Posts: 172
Karma: 4
21.7 fresh Install, cannot get suricata to notify and or block
«
on:
August 04, 2021, 02:11:38 pm »
Hello,
Im trying to get suricata to work notify and or block, but it seems im doing something wrong here. as I can download eicar testfiles without getting notified and or blocked.
I did the following Setup:
1. Services – Intrusion Detection – Administration
2. Intrusion Detection – Download
3. Intrusion Detection – Policy
What im doing wrong here, do I miss something?
Thanks
Best regards
Crissi
Logged
Cheers,
Crissi
crissi
Full Member
Posts: 172
Karma: 4
Re: 21.7 fresh Install, cannot get suricata to notify and or block
«
Reply #1 on:
August 05, 2021, 09:18:08 pm »
Can someone here give me a Hint?
Thx
Logged
Cheers,
Crissi
crissi
Full Member
Posts: 172
Karma: 4
Re: 21.7 fresh Install, cannot get suricata to notify and or block
«
Reply #2 on:
August 09, 2021, 02:49:40 pm »
Updated to Sense 21.7.1 enabled Suricata again, this Time to Test just IDS is enabled. Under Home Networks i added also 192.168.1.0/24 newtork, offloading and VLAN Support disabled.
Tried with WAN and also just LAN Interface, even not IDS is working no Alerts are created.
Get in the Log SC_WARN_FLOWBIT(306) Error.
Any Idea?
Thx
Logged
Cheers,
Crissi
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
21.7 fresh Install, cannot get suricata to notify and or block
