suricata in IPS Mode and pppoe wan is not working

Started by kinch, September 04, 2025, 02:31:17 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 04, 2025, 02:31:17 AM
Hi all, once again, in 2025, any progress about suricata in IPS mode on pppoe interface is working?

is it still not working?
are there any plans to resolve this long-standing issue?

Best Regards
September 04, 2025, 04:56:10 AM #1
Did you recently upgrade to latest opnsense?
September 04, 2025, 06:55:22 AM #2
as the default F/W rule on WAN interfaces, is drop, i'm not interested in unsolicited inbound dropped traffic, i instead run suricata in IDS mode on all LAN interfaces....which included all outbound LAN-> WAN traffic as well. So my attention is only focused in internal potential threats, and not concerned in unsolicited inbound dropped traffic....

OPNsense 25.7.1_1-amd64 running on ESXi 6.7 U2 VM, 4Gbytes RAM, 2 x vCPU
frr OSPF + eBGP, IDS, AdGuard Home, sftp-backup plugins. limited kea DHCP server deployment.
September 04, 2025, 08:31:12 AM #3
IPS mode not working on interfaces using PPPoE is a known limitation.


Cheers,
Franco
September 05, 2025, 08:52:48 PM #4
Quote from: franco on September 04, 2025, 08:31:12 AMIPS mode not working on interfaces using PPPoE is a known limitation.


Cheers,
Franco

Unfortunately, it's still the same.
Thanks for the update franco.

Best Regards
Print
Go Up Pages1
User actions