Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
[Solved] Suricata and IPv6 and
« previous
next »
Print
Pages: [
1
]
Author
Topic: [Solved] Suricata and IPv6 and (Read 1604 times)
Pocket_Sevens
Jr. Member
Posts: 67
Karma: 2
[Solved] Suricata and IPv6 and
«
on:
June 03, 2022, 03:43:49 pm »
Hello and I apologize if this is a noob question.
I've just done a fresh install of 21.7.8 and reconfiguring from scratch. As this is a brand new configuration, I'm using both IPv4 and IPv6 for my DHCP addresses. I can see both a IPv4 and IPv6 address on my WAN and for my IPv6 compatible devices.
So, I'm setting up Suricata with a simple rule to block Tor (ET open/tor ruleset) and set it to Drop in my policy. However, it doesn't appear that the rule is actually working. In my previous config, I only used IPv4 in my setup for DHCP leases and the rule would work. My concern is that, if I add additional rules, they wouldn't be dropped either.
What am I missing in my IPv6 setup for Suricata? I'm completely new to IPv6 and am still trying to understand how the numbering convention/subnets/prefixes/etc. works.
Thanks in advance.
«
Last Edit: June 03, 2022, 07:11:51 pm by Pocket_Sevens
»
Logged
Pocket_Sevens
Jr. Member
Posts: 67
Karma: 2
[Solved] Re: Suricata and IPv6 and
«
Reply #1 on:
June 03, 2022, 07:11:11 pm »
Just as an update: I ended up installing Zenarmor and it works for both IPv4 and IPv6. It gives me exactly what I'm looking for.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
[Solved] Suricata and IPv6 and