Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Interface specific rules for Suricata?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Interface specific rules for Suricata? (Read 1263 times)
CJ
Hero Member
Posts: 832
Karma: 30
Interface specific rules for Suricata?
«
on:
May 16, 2022, 02:33:44 pm »
Is it possible to set Suricata rules on an interface specific basis?
For example, one of the rules is for discord DNS queries. I use discord, so this is expected. But I should not be seeing discord DNS queries from my DMZ servers.
Right now my options appear to be to either exclude LAN from monitored interfaces, leave the rule at Alert and wade through the list for things not on LAN, or disable the rule altogether.
Any ideas? Thanks.
Logged
Have Answer, Will Blog
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Interface specific rules for Suricata?
