Firewalla Gold

Marketing of what, @coxhaus? You can run Snort and Suricata on multiple platforms. It doesn’t have to be pfSense. It’s just easier there and GUI configurable. And yes, you can scan your outbound traffic, if you want to. You can scan that guest VLAN only, your choice.
So you are saying you click on something in the pfSense GUI that says it will scan outbound traffic? Let's stay focused on pfSense.
 
Time is up, you don't know as you have never run it. Post out there so you can have someone tell you.
 
Wait for someone else to answer this question for you. It will be 3rd time answering for me.
 
Wait for someone else to answer this question for you. It will be 3rd time answering for me.
That's because you have not run it for real. I can tell you more than what you are telling me, and it has been a long time since I ran it. I know the process and you don't. Clicking may be involved but what is the process?
 
No, we are done with that conversation. I don't need good luck as I won't run pfSense again. Lots of other things to look at that I don't know.
 
Lots of other things to look at that I don't know.

Add pfSense to the things you don't know. Actually, turns out what you are asking for is the default configuration. Zero extra clicks. :)

My configuration is different. This conversation refreshed my memory about why I disabled Suricata on LAN and run it on WAN only for specific ports. In general it has to run on LAN and not WAN since the firewall drops incoming connections anyway, if no open ports. But it defaults on WAN + LAN after installation. So the proper thing to do is to "unconfigure" the WAN, in most cases. Unless someone wants to enjoy the logs.
 
Add pfSense to the things you don't know. Actually, turns out what you are asking for is the default configuration. Zero extra clicks. :)

My configuration is different. This conversation refreshed my memory about why I disabled Suricata on LAN and run it on WAN only for specific ports. In general it has to run on LAN and not WAN since the firewall drops incoming connections anyway, if no open ports. But it defaults on WAN + LAN after installation. So the proper thing to do is to "unconfigure" the WAN, in most cases. Unless someone wants to enjoy the logs.
I don't think so as we are talking IPS which you posted above at the start of this and this means you need automatic blocking on outbound. Base install just sends alerts with no blocking.

You work on it. I don't need any more info as I am done.
 
I don't think so

You are free to think differently. When was the last time you ran pfSense with Snort or Suricata?

Base install just sends alerts with no blocking.

Ah, okay, a few clicks of extra work. Please, don't run pfSense. There are other options around easier to configure. Thank you for wasting my time.
 
I told you time was up. You did this on your own.

I still believe you don't have a good understanding of it.
 
How old are you, @coxhaus? I don't understand your behavior.

What's the point of this conversation? You don't want something - fine! Do whatever best fits your needs.
 
You are the one that started this.

Started what, @coxhaus? You asked a question in post #33 and I gave you an answer in post #34. What's wrong? Do you want me to write a guide for you on how to set up Suricata or Snort on pfSense? It's already available online. It's Saturday and I was with my family in Niagara Falls. How fast do you want to get the answers to your questions? Do I look like Snort, Suricata or pfSense support to you? Come on... relax and have a good night! Okay?
 
In post #27 you stated IPS which from there you countered everything I pretty much said with you stating all you need was a couple of clicks. Which with that vocabulary of clicks, has no real meaning and still doesn't other than an action.
I hope you learn your product sometime.
 
I hope you learn your product sometime.

Listen, I'm really trying to help you. If you want and when you are ready, I can remotely configure your pfSense firewall using the GUI only, the way you want it, in front of you, with explanations of what, where and why. It can run on a PC with a single NIC, you don't need to purchase hardware. Or on a virtual machine, same thing. I can do that for you on Mondays after 10am. This is a serious offer. There is no way to describe firewall configuration to you with simple words and instructions. pfSense has hundreds of settings. We can focus on Snort and Suricata only though. You never had a choice with locked down Cisco equipment. pfSense gives you a choice, but for some reason you refuse to take advantage of it.
 
By the way @coxhaus, have you seen this and do you know what it is?

[Attached image: 1654393353953.png]


One click auto configuration. Available on a $90 device from Amazon. Free lifetime signature updates.
 
@dave14305, I don't want to ignore @coxhaus. I'm offering help and I'm ready to spend the time needed to show him some options he doesn't believe exist. Firewalla is one option, but I don't have this device and I don't know what it does. Untangle is another, but tied to recurring payments. I'm not a pfSense expert, but what @coxhaus is looking for is not hard to do in pfSense. I also use help for more complicated setups. Post #56 shows what options other people have and use. Not the best, but cheap and with no subscriptions. The security company behind it is a big player in this business. No bad intentions here. And I'm not selling or promoting anything. I see another option in your signature, but had no time to play with it, not enough knowledge.
 