Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort IDS/IPS Security Policy is blocking Snapchat running on Apple phone?

    Scheduled Pinned Locked Moved IDS/IPS
    3 Posts 3 Posters 750 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rgc
      last edited by rgc

      Any idea why SnapChat is being blocked? I could whitelist the domain but I dont want to open any holes in FW and potentially defeat the purpose of runing FW or Snort. Any best practices in trouble shooting. Or identifying the rules that are blocking Snapchat. I could try going to a Balanced Policy or Connectivity Policy I am also running OPENAPPI and ET Open Rules on both my WAN/LAN interfaces. DNS over TLS is also enabled. Dont know if it is just a DNS thing or NOT.

      Anyway, just looking for experciend suggestions on why a domain might be getting blocked?

      Regarding DNS I am running pfsense DNS resolver local domain and DNS to Cloudflare 1.1.1.1@853, 1.0.0.1@853 and entries for quad9 too

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        You should start by using the Connectivity Policy IMO. You imply you're using some policy other than Connectivity or Balanced which means you will see false positives and will need to whitelist those or remove the rules that are being triggered.
        https://www.netgate.com/docs/pfsense/ids-ips/setup-snort-package.html#alert-thresholding-and-suppression

        Steve

        1 Reply Last reply Reply Quote 0
        • M
          msf2000
          last edited by

          At least, enable signature logging in Snort. Then, you'll see what blocking signatures (if any) are being blocked and could ignore/suppress those.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.