Bug 11981

Summary:	suricata fails to detect traffic from and to firewall
Product:	IPFire	Reporter:	Michael Tremer <michael.tremer>
Component:	---	Assignee:	Stefan Schantl <stefan.schantl>
Status:	CLOSED FIXED	QA Contact:
Severity:	Security
Priority:	- Unknown -
Version:	2
Hardware:	unspecified
OS:	Unspecified
Bug Depends on:
Bug Blocks:	11801, 11838

Description Michael Tremer 2019-01-29 12:19:14 UTC

suricata does not drop any packets from and to the firewall. That is caused by not having the RED IP address space (including aliases) in the HOME_NET variable.

Should any static routes be in here, too?

Please also merge my patch to scan any outgoing packets:

https://patchwork.ipfire.org/patch/2054/

Comment 1 Stefan Schantl 2019-02-05 12:55:08 UTC

Merged:

https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=commit;h=17c2c09bcc50376ef805a194eec8688a3dfcbc29

Fixed:

https://git.ipfire.org/?p=people/stevee/ipfire-2.x.git;a=commit;h=23c0347ac5d386e215c56ae9fa3af97e66f1c23f