I have installed the Suricata addon in my IPFire, but there is just checkbox to enable and disable it. It doesn’t seem to give any granular control over the connections.
Suricata on PF Sense provides logs and more options to block connections, where is such an option in IPFire?
Once enabled and once a Ruleset is set and Saved (I picked Emergingthreats.net Community Rules) you should see a Rulesets list with control over connections.
I selected the emerging-scan.rules and enabled the nmap scans, then from the outside I nmap’ed my public ip and I see the IPS Log populated. Many thanks.