Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Surricata blocks traffic on local allowed list
« previous
next »
Print
Pages:
1
[
2
]
Author
Topic: Surricata blocks traffic on local allowed list (Read 2818 times)
steilfirn_8000
Jr. Member
Posts: 56
Karma: 0
Re: Surricata blocks traffic on local allowed list
«
Reply #15 on:
February 08, 2023, 06:29:25 pm »
Not sure if this is relevant for this topic but with my new router setup I am also using Suricata as IDS/IPS (from SELKS
https://github.com/StamusNetworks/SELKS
) with equal settings as on OPNsense.
With this setup it is not having any troubles with my LAN & remote sites.
Logged
Fright
Hero Member
Posts: 1777
Karma: 164
Re: Surricata blocks traffic on local allowed list
«
Reply #16 on:
February 09, 2023, 06:24:45 am »
Quote
Not sure if this is relevant for this topic
it's hard to say, since so far only false positive alerts (fixable) and possible misconfig are visible imho
Logged
Fright
Hero Member
Posts: 1777
Karma: 164
Re: Surricata blocks traffic on local allowed list
«
Reply #17 on:
February 15, 2023, 09:47:40 am »
for the ref.
https://forum.suricata.io/t/drop-log-false-positive-records-possible-since-6-0-6/3228/1
Logged
Fright
Hero Member
Posts: 1777
Karma: 164
Re: Surricata blocks traffic on local allowed list
«
Reply #18 on:
March 28, 2023, 10:14:44 pm »
for the ref. false-drop records fixed in
https://github.com/OISF/suricata/commit/517132b6ad0347c8402b3aace885d1b734609fec
although I still think it would be great to be able to disable drop-log on the OPN
Logged
Print
Pages:
1
[
2
]
« previous
next »
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Surricata blocks traffic on local allowed list