Differences

This shows you the differences between two versions of the page.

--- pfsense:suricata:alerts [2021/01/16 15:29] – peter
+++ pfsense:suricata:alerts [2021/01/21 10:26] (current) – peter
@@ Line 3: / Line 3: @@
 See [[https://redmine.openinfosecfoundation.org/projects/suricata|Suricata Redmine site]] for further information.
+----
+[[PFSense:Suricata:Alerts:Disable an entire group of rules|Disable an entire group of rules]]
 ----
@@ Line 24: / Line 27: @@
 [[PFSense:Suricata:Alerts:SURICATA Applayer Mismatch protocol both directions|SURICATA Applayer Mismatch protocol both directions]]
+[[PFSense:Suricata:Alerts:SURICATA Applayer Wrong direction first Data|SURICATA Applayer Wrong direction first Data]]
 [[PFSense:Suricata:Alerts:SURICATA HTTP Host header invalid|SURICATA HTTP Host header invalid]]
@@ Line 32: / Line 37: @@
 [[PFSense:Suricata:Alerts:SURICATA HTTP unable to match response to request|SURICATA HTTP unable to match response to request]]
+[[PFSense:Suricata:Alerts:SURICATA ICMPv4 invalid checksum|SURICATA ICMPv4 invalid checksum]]
 [[PFSense:Suricata:Alerts:SURICATA IKEv2 weak cryptographic parameters (Auth)|SURICATA IKEv2 weak cryptographic parameters (Auth)]]
@@ Line 85: / Line 92: @@
-----
-===== Disable an entire group of rules =====
-Navigate to **Services -> Suricata -> Interfaces -> edit > WAN(interface) -> Rules**.
-Select the specific group, for example:
-<code>
-stream-events.rules
-</code>
-Disable.
 ----