3. Snort Rules & Selective Blocking

Snort Rules & Selective Blocking

  • J

    Hello

    Just installed the snort package this past Sunday (02/04/2007).  Everything seems OK, except that when BLOCKING is enabled, as has been noted here before, every little alert blocks the respective IP address.  What I would love to have is the ability to set a class of rules (in particular WEB-CLIENT) to "LOG ONLY" and not block, etc.

    Can this be done in pfsense and/or snort and, if so, where and how?

    Mark

    0
  • Y

    Yes it can be done in pfSense. It would be possible to specify which categories are to be blocked. I might do this soon when I get some free time.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy