Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Snort Rules & Selective Blocking

    pfSense Packages
    2
    2
    1595
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jobsoft last edited by

      Hello

      Just installed the snort package this past Sunday (02/04/2007).  Everything seems OK, except that when BLOCKING is enabled, as has been noted here before, every little alert blocks the respective IP address.  What I would love to have is the ability to set a class of rules (in particular WEB-CLIENT) to "LOG ONLY" and not block, etc.

      Can this be done in pfsense and/or snort and, if so, where and how?

      Mark

      1 Reply Last reply Reply Quote 0
      • Y
        yoda715 last edited by

        Yes it can be done in pfSense. It would be possible to specify which categories are to be blocked. I might do this soon when I get some free time.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post