Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Suricata notice Wan Ip Change

    Scheduled Pinned Locked Moved IDS/IPS
    3 Posts 2 Posters 700 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sunghost
      last edited by

      Hello,
      i noticed that if my provider changed my public ip-adress, suricata didnt notice this and block the new ip-adress. if i restart the suricata service all looks fine. Is that normal or did i miss a setting for that?

      1 Reply Last reply Reply Quote 0
      • bmeeksB
        bmeeks
        last edited by

        It is normal.  The auto-pass list values are static entries that are only read one time during Suricata startup.  Once startup is complete, if your WAN IP changes, Suricata won't know until the service is restarted.

        There may be something I can do as part of the restart signal that pfSense sends Packages when an IP changes.  I will look into that.

        Bill

        1 Reply Last reply Reply Quote 0
        • S
          sunghost
          last edited by

          Hello Bill,

          that would be nice ;) many thanks for your dedication.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.