Snort not holding settings
-
Hello,
I don't know if I am doing something wrong but when I change the "Available Rule Categories" under the WAN Rules tab it won't stick after clicking Apply. If I go to a different tab and then come back to WAN Rules the Category has changed back to "Auto-Flowbit rules.
Thanks for any help.
-
When you click "Save" wait for the browser to finish its refresh before moving to another Tab otherwise it won't save the changes.
-
When you click "Save" wait for the browser to finish its refresh before moving to another Tab otherwise it won't save the changes.
Thanks for the response. I tried what you suggested but it just won't stick. Is it possible that the WAN Rules tab is only for information and that the real setting is controlled by WAN Categories?
-
Are you selecting the "IPS Policy" Checkbox also? Selecting an IPS Policy overrides any manual settings I believe.
-
when I change the "Available Rule Categories" under the WAN Rules tab it won't stick after clicking Apply.
I re-read this and the WAN Rules tab is to view the Rules and you also have the ability to Enable/Disable individual Rules or the whole category.
If you are looking to Enable/Disable Rule Categories, you need to set those in the WAN Categories Tab.
-
Thanks BBcan177,
Once last question re snort. If I have the IPS policy set to Connectivity or Balanced and "Block Offenders" disabled does that make Snort just a logger or is it still protecting against the IPS policy chosen?
Thanks!
-
Thanks BBcan177,
Once last question re snort. If I have the IPS policy set to Connectivity or Balanced and "Block Offenders" disabled does that make Snort just a logger or is it still protecting against the IPS policy chosen?
Thanks!You have to enable "Blocking" for it to actually Protect your network. or its just going to Alert only.
I suggest "Block Offenders", "Kill States" and "Block Both"
