Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cant see any blocked in Snort 2.9.7.0 pkg v3.2.3

    pfSense Packages
    2
    2
    395
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      okaenrique
      last edited by

      Hi!

      I use Snort 2.9.7.0 pkg v3.2.3 it is so many Alert Log but i cant see any Blocked Hosts Log ??

      help please

      in my pfsense

      Alert Settings

      Block Offenders Checking this option will automatically block hosts that generate a Snort alert.
      IPS Policy Selection   Snort IPS policies are: Connectivity

      is any option i have missed ?

      1 Reply Last reply Reply Quote 0
      • bmeeksB
        bmeeks
        last edited by

        @okaenrique:

        Hi!

        I use Snort 2.9.7.0 pkg v3.2.3 it is so many Alert Log but i cant see any Blocked Hosts Log ??

        help please

        in my pfsense

        Alert Settings

        Block Offenders Checking this option will automatically block hosts that generate a Snort alert.
        IPS Policy Selection   Snort IPS policies are: Connectivity

        is any option i have missed ?

        Compare the IP addresses in the alerts with your local networks.  Remember that by default your local networks are not blocked.

        Another possibility is the blocks are happening but then clearing out automatically before you see them.  What value is the "Remove Blocked Hosts Interval" set for?  This is on the INTERFACE SETTINGS tab.

        Bill

        1 Reply Last reply Reply Quote 0
        • First post
          Last post