Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Ip on whitelist but snort is stil triggering/blocking

    Scheduled Pinned Locked Moved pfSense Packages
    1 Posts 1 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      Klexx
      last edited by

      My news provider is triggering a "SHELLCODE x86 setuid 0" alert and is therfor blocked.
      "googeling" the alert i found this article: http://security.raffy.ch/projects/Raffael_Marty_GCIA/node14.html after reading this i wanted to pass the trafic for the News server without triggering any rules/blocking so i added a cople of news server ip's to the whitelist … but snort is still trigering and blocking the server ?  even thou the server ip is clearly listed in th "whitelist" ?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.