4. Snort auto-update whitelist with dynamic WAN gateway?

Snort auto-update whitelist with dynamic WAN gateway?

  • E

    Hello,

    The subject line pretty much sums up my question.  Our WAN gateway is dynamic, so I'm wondering if Snort will automatically update it in the whitelist when it changes.

    Cheers

    0

  • I recently added new code to both the Snort and Suricata custom blocking plugins so that an interface IP-change monitoring thread is launched when the binary is started.  The thread subscribes to FreeBSD kernel routing table messages.  When a firewall locally-connected interface IP changes, the old IP is removed from the auto-whitelist and the new IP is inserted.  I need to look again, but I don't think I was looking for and pulling out the gateway address changes.  If not, perhaps I can add that option to the new auto-whitelist feature.

    Bill

    0
  • E

    Wonderful.  Thank you, Bill. That would be very helpful.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy