pfSense Suricata not working in bridge mode



  • The pfSense Suricata is not filtering the requests that arrive on VM - 02, a machine configured on a card in pfSense in bridge mode.

    In the physical machine there is a physical network card and an internal virtual card. When I configure the public IP directly in the client machine, only the firewall blocking works; the IDS does not block the incoming requests that reach the firewall.

    For example, a request for 8.8.8.2:80 is normally redirected to a machine behind pfSense, but if someone tries to access port 8.8.8.2:8080, for example, Suricata will block the IP per scan or some other reason (this works).

    However, for any request that goes to IP 8.8.8.3, pfSense only does DROP for closed doors, but Suricata cannot detect and block the scans performed on that IP.

