Snort blocking ISP
-
Hi,
New to snort and running into the following problem. On the router from my ISP I use the DMZ zone to send all traffic to my PFSense box. When I activate snort it blocks the 192.168.240.xxx from the ISP router. How can I tell it that this is my Internet so it does not block this IP address but rather filters what is coming from it.
Thanks
cjb
-
The most recent Snort update has also caused something similar on my system. For example, it's blocking my ISP's internet gateway. Despite me adding both a suppress rule and a whitelist entry containing the IP of the gateway.
-
Both whitelists amd suppression seem to be broken in the latest package. We just have to wait for a fix.
-
Both whitelists amd suppression seem to be broken in the latest package. We just have to wait for a fix.
yes and its not correctly creating the HOME_NET list in its config..Which would include your gw and wan ip
-
Just reinstall and should behave better.
-
@ermal:
Just reinstall and should behave better.
Ermal, so far (since updating), it appears to have resolved my ISP gateway issue. Thanks.