Suricata IPS Mode

Started by nicholaswkc, November 30, 2025, 04:54:09 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
November 30, 2025, 04:54:09 AM
Dear all, I'm using PPPOE connection and how to activate Suricata IPS mode?
December 01, 2025, 10:38:10 AM #1
Hi there,

What issue are you facing in enabling it?

Also, do you plan to monitor the WAN-side or the LAN-side?
[HW]
Protectli VP2420
16GB RAM
240 GB SSD

[Versions]
OPNsense 25.7.6-amd64
FreeBSD 14.3-RELEASE-p4
OpenSSL 3.0.18

[Feature set]
Unbound DNS
Kea DHCPv4
Suricata IPS
Wireguard Client VPN
December 02, 2025, 06:16:44 AM #2
Suricata IPS mode on PPPOE is not permitted.
December 03, 2025, 11:10:11 AM #3
Did you take a look at this topic?

https://forum.opnsense.org/index.php?topic=9741.0
[HW]
Protectli VP2420
16GB RAM
240 GB SSD

[Versions]
OPNsense 25.7.6-amd64
FreeBSD 14.3-RELEASE-p4
OpenSSL 3.0.18

[Feature set]
Unbound DNS
Kea DHCPv4
Suricata IPS
Wireguard Client VPN
December 15, 2025, 09:39:18 AM #4
Quote from: turipriv on December 03, 2025, 11:10:11 AMDid you take a look at this topic?

https://forum.opnsense.org/index.php?topic=9741.0
I tried read the posts but still not understand it.

1. Configure the WAN interface as none (IPv4 Configuration Type none)
2. Add a new OPT interface with the PPPoE configuration just like it was a WAN PPPoE.
3. Configure Suricata as IPS on WAN.
Print
Go Up Pages1
User actions