Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Suricata / PfBlockerNG list conflict

    Scheduled Pinned Locked Moved pfBlockerNG
    3 Posts 3 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      johnabbot
      last edited by

      Hi all,

      There seems to be some conflict between the IPs that Suricata blocks using ETOpen and Snort VRT and those in the lists for PfBlockerNG.

      Has anyone else seen this?

      J

      1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator
        last edited by

        For IP blocking, best to use one or the other… No need to duplicate efforts...

        So I'd recommend to remove the IP Rules (ie: ET Block) from the IDS and adding those feeds to pfBlockerNG...

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • israI
          isra
          last edited by

          Hi all,

          I created a custom aliases to IPv4.
          I wish one of the internal lanip, it was not locked by pfblockerng.
          I tried several solutions without success.

          Can you help me in solving this puzzle?  :D

          thank you so much

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.