Snort ignoring whitelist
tnine last edited by
We have an external VoiP system that connects to our phone system in our office. It's constantly getting blocked for port scanning. I've created a whitelist and added the IP to it, then changed the whitelist on all my snort interface to be the new list I've defined. However, this doesn't' seem to help (I've applied the changes).
Snort 22.214.171.124 pkg v. 1.34.
Any help would be greatly appreciated. I've had to disable snort until this is corrected!
Gloom last edited by
Have you tried upgrading the package as you are slightly out of date. It should be 126.96.36.199 pkg v. 1.35
Did you restart snort on the interfaces you altered the whitelists on. I've noticed that it sometimes does not apply changes unless you stop and restart snort on each interface after a change to whitelists.
Cino last edited by
I'm having the same problem, snort doesn't load the custom whitelist i created. My work IPs get block all the time. I'm using the latest 2.0 BETA5 snapshot, Stable 188.8.131.52 pkg v. 1.35. I know Robert is working on a new release 2.0 so hopefully that will fix it. Since 2.0 is in beta I would rather him spend is time on the new release then fix the old one. just my thoughts