IDS Alerts not Working (APU)

Started by nspritz, October 14, 2016, 01:42:51 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 14, 2016, 01:42:51 PM
Are there any known problems with IDS reporting (Alerts) with 16.7.6 firmware on APU boards over PPPoE interface?
I had this working on earlier firmware versions, but with the last couple firmware updates, IDS alert logs are now completely null (no results found).

After some testing, it looks like 'User defined GeoIP blocking' IPS is also not working.

My other Opnsense installations on x86 hardware works just fine.
Would this be affecting APU hardware only? -or perhaps something to do with PPPoE interfaces?

------------------------------------------------
Hardware specs:
PC Engines - APU1D4 (AMD G-T40E)
Firmware: 16.7.6-amd64 (LibreSSL)
WAN Interface -> PPPoE (DHCP)

IPS mode: Enabled
Promiscuous mode: Disabled
------------------------------------------------

Thanks for your help!

October 14, 2016, 02:52:12 PM #1
There seems to be something with Suricata not seeing those packets, and we have another thread here about to push a report to their bugtracker:

https://forum.opnsense.org/index.php?topic=3630


Cheers,
Franco
October 15, 2016, 12:20:01 PM #2
Thanks Franco.

Just want to add that this problem also exist on my LAN (Realtek RTL8111E) interface.
Either than this IDS issue, I have not experienced any other problems on this APU device.
Print
Go Up Pages1
User actions