• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Snort Rules & Selective Blocking

Scheduled Pinned Locked Moved pfSense Packages
2 Posts 2 Posters 1.9k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • J
    jobsoft
    last edited by Feb 6, 2007, 2:50 PM

    Hello

    Just installed the snort package this past Sunday (02/04/2007).  Everything seems OK, except that when BLOCKING is enabled, as has been noted here before, every little alert blocks the respective IP address.  What I would love to have is the ability to set a class of rules (in particular WEB-CLIENT) to "LOG ONLY" and not block, etc.

    Can this be done in pfsense and/or snort and, if so, where and how?

    Mark

    1 Reply Last reply Reply Quote 0
    • Y
      yoda715
      last edited by Feb 9, 2007, 12:00 AM

      Yes it can be done in pfSense. It would be possible to specify which categories are to be blocked. I might do this soon when I get some free time.

      1 Reply Last reply Reply Quote 0
      2 out of 2
      • First post
        2/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received