How to make PFsense more senses by configuring the Snort

  • I realized the SNORT module is not capturing the correct and useful information. How can I configure it to be able to capture the data?

    Is there anything I need to install?

  • Look in Services -> Snort -> Alerts.

    I've found its better to run snort on the internal interface as if you use it on the WAN it logs the WAN address not the client that is natted.

