Differences

This shows you the differences between two versions of the page.

--- pfsense:suricata:install_suricata [2021/01/22 12:20] – peter
+++ pfsense:suricata:install_suricata [2021/01/22 13:59] (current) – [PFSense - Suricata - Install Suricata] peter
@@ Line 7: / Line 7: @@
   - [[PFSense:Suricata:Install Suricata:Create Suppress Lists|Create Suppress Lists]]
   - [[PFSense:Suricata:Install Suricata:Have Suricata Monitor the WAN Interface|Have Suricata Monitor the WAN Interface]]
+  - [[PFSense:Suricata:Install Suricata:Have Suricata Monitor the LAN Interface|Have Suricata Monitor the LAN Interface]]
+----
+==== Created a suppress list ====
+To suppress certain snort and ET signatures since initially there a bunch of False Positives.
+This is accomplished under **Services -> Suricata -> Suppress**.
+{{:pfsense:suricata:pfsense_-_services_-_suricata_-_suppress.png?800|}}
+<WRAP info>
+**NOTE:**  This shows a suppresslist named **WANSuppressList**.
+In order for this specific list to be used:
+  * Navigate to **Services -> Suricata -> Interfaces**.
+  * Edit the specific interface; in this example WAN.
+  * Within **WAN Settings**, go to **Alert Suppression and Filtering** and select this suppresslist.
+  * Click **Save**.
+</WRAP>
 ----
+==== Rule categories ====
+Choose what rule categories to enable:
+Navigate to **Services -> Suricata -> Interfaces -> WAN Categories**.
+----