How to grant a snort port permission?
-
Hello there
I'm trying Snort for the first time. I prefer pfsense to protect my Voip system. I have activated snort to block attacks, but there are some ports I use to support my voip system. I cannot access these ports when the snort is active. wan I want to connect to address x.x.x.x: 1111 but it does not happen. the people I get support do not use static ip so I can ignore the requests coming to the port as I choose where and how to write a rule.
thank you so much. -
I am a little confused with this part of your question: the people I get support do not use static ip so I can ignore the requests coming to the port as I choose where and how to write a rule.
I suspect English is perhaps a second language for you, and as a native English speaker, I'm having trouble following your chain of thought. Do you mean that your VoIP provider's endpoint server has a dynamic IP address or do you mean your end of the connection has a dynamic IP address?
If you are dealing with a dynamic IP address, then preventing a block by IP is not possible. Snort can't deal with changing IP addresses within a Pass List. Why don't you just disable the Snort rule that is causing the block? You can do that on the ALERTS tab.