I have subscribed 4 IP Address Blocklists and enabled the feature, of cause. And applied the firewall rules.
In the firewall I have disabled “Drop packets from and to hostile networks (listed at Spamhaus DROP, etc.)”.
And I have the IPS running.
If I ping an ip address from one of the lists it is blocked. But shows up in the IPS logs and not in the " IP Address Blocklist Logs"!? Why?
The IP Address Blocklists are implemented trough iptables rules and these are executed first, so before IPS, right?