Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort Suppress List Syntax.

    Scheduled Pinned Locked Moved IDS/IPS
    1 Posts 1 Posters 788 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      S_Erickson
      last edited by

      On the suppress list tab it says that you can use count and seconds as options for the list but I tried to do do just this and snort wouldn't start saying that it was an invalid option. So either the format described below the box is incorrect or this is no longer possible on the suppress list and only by going into the snort interface and adding a custom filter rule. Can someone verify that this isn't just me? If it isn't then we should update the comments on that page to avoid confusion.

      
FATAL ERROR: /usr/local/etc/snort/snort_45782_igb4/suppwansuppress_585cb3283a4ca(63) suppress has incorrect argument count.
      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.