3. Snort blocking ISP

Snort blocking ISP

  • C

    Hi,

    New to snort and running into the following problem.  On the router from my ISP I use the DMZ zone to send all traffic to my PFSense box.  When I activate snort it blocks the 192.168.240.xxx from the ISP router.  How can I tell it that this is my Internet so it does not block this IP address but rather filters what is coming from it.

    Thanks

    cjb

    0
  • M

    The most recent Snort update has also caused something similar on my system.  For example, it's blocking my ISP's internet gateway.  Despite me adding both a suppress rule and a whitelist entry containing the IP of the gateway.

    0
  • F

    Both whitelists amd suppression seem to be broken in the latest package. We just have to wait for a fix.

    0
  • C

    @fragged:

    Both whitelists amd suppression seem to be broken in the latest package. We just have to wait for a fix.

    yes and its not correctly creating the HOME_NET list in its config..Which would include your gw and wan ip

    0
  • E

    Just reinstall and should behave better.

    0
  • M

    @ermal:

    Just reinstall and should behave better.

    Ermal, so far (since updating), it appears to have resolved my ISP gateway issue.  Thanks.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy