And this way shouldnt work because i want that the source gets blocked. Pass-Lists a only for Source IPs. So i wouldnt like to block my own network ;)
Lets say that Suricata just check the traffic just for serval IPs from a network. I am sure i saw such kind of configuration. > Am 20.06.2016 um 20:31 schrieb Steve Yates <[email protected]>: > > You should be able to go the other direction and set up a pass list > that allows everything but these IPs. Remember to add the pass list to the > interface though. > > However if you just enable the alerting and select to not automatically > block the bad traffic that may be easier. > > -- > > Steve Yates > ITS, Inc. > > -----Original Message----- > From: List [mailto:[email protected]] On Behalf Of Daniel Eschner > Sent: Monday, June 20, 2016 1:28 PM > To: pfSense Support and Discussion Mailing List <[email protected]> > Subject: [pfSense] add Blocking in suricata just for some IPs > > Hi to everyone, > > is it possible to add blocking mode just to some IPs from a /24 Network? > I want to run that in test mode to see who much false positiv i will see ;) > > Cheers > > Daniel > > > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
