Project

General

Profile

Actions

Bug #11742

open

Blocking / Unblocking is not working correctly.

Added by Ian Mitchell 7 months ago. Updated about 2 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Suricata
Target version:
-
Start date:
03/27/2021
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:

Description

If you turn on blocking for a port via the GUI and then turn the blocking back off. Gui indicates that it is off, but blocking continues.

Actions #1

Updated by Viktor Gurov about 2 months ago

The Interface Settings page doesn't clear the snort2c table after disabling Blocking mode,
and there is no special log to know which IPs are exactly blocked on a particular interface - the snort2c table is shared by all Snort and Suricata interfaces.

Workaround: manually clear the entire snort2c table using the Clear button on the BLOCKS page.

Actions

Also available in: Atom PDF