I wanted to give the IPS a try, but there is no way to enable it as there is no checkbox “Enable IPS”.
GUI looks the same as in these threads:
I want to use IPFire to test whether IPFire is good to be used as NIDS or not on a home network. However, I experienced a problem. I cannot activate the Intrusion Prevention System (IPS) on IPFire 2.25 as shown below:
I have chosen the ruleset and saved them, but the results are zero. Does anyone have a solution? The documentation that I have found is only for the previous version of IPFire which still separates IDS and IPS services. The configuration that I have implemented is a…
I changed the IPS settings to monitor only and all the other controls, etc. disappeared from the GUI and stopped the service. Not sure what happened. Restarting doesn’t help. Any ideas?
[Image 5-22-21 at 11.21 PM]
Yesterday, after studying the
IPFire Security Hardening Guide, I was trying to activate IPFire’s IPS.
So I enabled it in the WUI like that:
But after removing the selection on »Monitor traffic only« and confirmig with Save, it would take a veeery long time applying and finally end up with this:
I guess that's not how it should be, right?
I have to admit, my hardware is not the latest since I use IPFire at home only.
The image in the wiki looks different:
wiki.ipfire.org - Intrusion Prevention System (IPS)
I might have enabled the IPS years ago and immediately disabled it again. Not sure.
I noticed that “/var/ipfire/suricata/settings” exists, but is empty.
IPFire 2.25 (x86_64) - Core Update 158
How can I fix this?