Actions
Bug #10292
closedSuricata not respecting SID Mgmt list
Status:
Not a Bug
Priority:
Normal
Assignee:
-
Category:
Suricata
Target version:
-
Start date:
02/25/2020
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Affected Version:
2.4.4-p3
Affected Plus Version:
Affected Architecture:
amd64
Description
I am running pfSense 2.4.4-RELEASE-p3 (amd64) with Suricata VERSION 4.1.6_3 on an SG-2440.
Suricata is inspecting WAN traffic, Inline blocking, with all categories and rules managed with conf files in the SID Mgmt tab.
SID State Order set to Enable,Disable (as I enable entire categories then selectively disable SIDs).
On version 4.1.6_2 all changes to SID Mgmt files reflected in the rules and would enable/disable/block based on how they were configured.
Once I updated to 4.1.6_3 Suricata stopped respecting the "Disabled" conf file selected in the Disable SID List dropdown for the WAN interface.
Actions