PfSense suricata not working in bridge mode
nb-master last edited by
The pfSense suricata is not filtering the requests that arrive on VM - 02, a machine configured on a card in pfSense in bridge mode.
In the physical machine there is a physical network card and an internal virtual card, when I configure the public IP directly in the client machine only the firewall blocking works, the IDS does not block the incoming requests that reach the firewall.
For example a request for 22.214.171.124:80 is normally redirected to a machine behind pfSense, but if someone tries to access port 126.96.36.199:8080 for example, the suricata will block the IP per scan or some other reason (this works) .
However any request that goes to IP 188.8.131.52 pfSense only does DROP for closed doors, but the suricata can not detect and block the scans performed on that IP.