Actions
Bug #11742
closedBlocking / Unblocking is not working correctly.
Status:
Not a Bug
Priority:
Normal
Assignee:
-
Category:
Suricata
Target version:
-
Start date:
03/27/2021
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:
Description
If you turn on blocking for a port via the GUI and then turn the blocking back off. Gui indicates that it is off, but blocking continues.
Updated by Viktor Gurov about 3 years ago
The Interface Settings page doesn't clear the snort2c
table after disabling Blocking mode,
and there is no special log to know which IPs are exactly blocked on a particular interface - the snort2c
table is shared by all Snort and Suricata interfaces.
Workaround: manually clear the entire snort2c
table using the Clear button on the BLOCKS page.
Actions