1. Home
  2. pfSense Packages
  3. IDS/IPS
  4. Snort auto-update whitelist with dynamic WAN gateway?

Snort auto-update whitelist with dynamic WAN gateway?

  • E

    Hello,

    The subject line pretty much sums up my question.  Our WAN gateway is dynamic, so I'm wondering if Snort will automatically update it in the whitelist when it changes.

    Cheers

    0
  • bmeeks

    I recently added new code to both the Snort and Suricata custom blocking plugins so that an interface IP-change monitoring thread is launched when the binary is started.  The thread subscribes to FreeBSD kernel routing table messages.  When a firewall locally-connected interface IP changes, the old IP is removed from the auto-whitelist and the new IP is inserted.  I need to look again, but I don't think I was looking for and pulling out the gateway address changes.  If not, perhaps I can add that option to the new auto-whitelist feature.

    Bill

    0
  • E

    Wonderful.  Thank you, Bill. That would be very helpful.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy