Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    A question about snort?

    pfSense Packages
    2
    3
    1615
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cybervolkan last edited by

      I wonder how snort blocks a host?

      Does it write a temporary rule or with a package TCP_END?

      One more question?

      Can I, automaticly update rules from another site (not snort.org)?

      1 Reply Last reply Reply Quote 0
      • H
        hoba last edited by

        Go to diagnostics>edit file and open /tmp/rules.debug. This is the pf configuration that is loaded. You'll see a section there where snort can add block items to the ruleset. It generates firewall block rules dynamically for offenders.

        There is no option to load rules from somewhere else than snort.org currently.

        1 Reply Last reply Reply Quote 0
        • C
          cybervolkan last edited by

          Thanks for reply…

          1 Reply Last reply Reply Quote 0

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy