Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Snort: How to Determine Which IP to put in Pass List?

    IDS/IPS
    1
    1
    312
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      DaHai8 last edited by

      There is an app on my phone that doesn't work in the pfSense/Snort network, but works on CellData and friends' networks.
      I'm thinking it must be Snort blocking the source IP, but there are many.
      How can I determine which IP this app is trying to access so that I can add it to the Pass List?
      I can't find anything in the Snort Service that gives me current data - everything seems to be hours old (Alert lists, block lists, etc)
      If I unblock everything, then Snort will just block that source again next time I use the app. So I need to know the source IP and the rule its using (maybe the rule is unnecessary…)
      Thank you for your help.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post