pfSense Suricata not working in bridge mode


  • The pfSense Suricata is not filtering the requests that arrive on VM - 02, a machine configured on a card in pfSense in bridge mode.

    In the physical machine there is a physical network card and an internal virtual card. When I configure the public IP directly on the client machine, only the firewall blocking works; the IDS does not block the incoming requests that reach the firewall.

    For example, a request for 8.8.8.2:80 is normally redirected to a machine behind pfSense, but if someone tries to access port 8.8.8.2:8080, for example, Suricata will block the IP per scan or some other reason (this works).

    However, for any request that goes to IP 8.8.8.3, pfSense only does DROP for closed ports, but Suricata cannot detect and block the scans performed on that IP.