Project

General

Profile

Actions

Bug #10292

closed

Suricata not respecting SID Mgmt list

Added by Markus P about 4 years ago. Updated about 1 year ago.

Status:
Not a Bug
Priority:
Normal
Assignee:
-
Category:
Suricata
Target version:
-
Start date:
02/25/2020
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
2.4.4-p3
Affected Plus Version:
Affected Architecture:
amd64

Description

I am running pfSense 2.4.4-RELEASE-p3 (amd64) with Suricata VERSION 4.1.6_3 on an SG-2440.

Suricata is inspecting WAN traffic, Inline blocking, with all categories and rules managed with conf files in the SID Mgmt tab.
SID State Order set to Enable,Disable (as I enable entire categories then selectively disable SIDs).

On version 4.1.6_2 all changes to SID Mgmt files reflected in the rules and would enable/disable/block based on how they were configured.

Once I updated to 4.1.6_3 Suricata stopped respecting the "Disabled" conf file selected in the Disable SID List dropdown for the WAN interface.

Actions

Also available in: Atom PDF