Suppress Rule sets

Hello to all,

As you might know there is a feature in pfsense called suppress list where you can add source or destination ip addresses along with a rule causing the alert to bypass it. But that is not available in ipfire. So is there any way so I can add suppress list on suricata by hand? Thanks.

Good night @rezafathi

Isn’t this here?

When I have had false detection issues, I have added the IP here and it has worked for me. I don’t know if this is what you are looking for.

You will tell us.


Thank you. Yes I know it but in white listing you specify an ip and you will never get any alerts for that ip. What i want is that you could suppress rules for only source or destination along with only rule which triggered the alert.

Like this:

I don’t know, maybe a developer can guide you, but I imagine that this feature is not implemented. :frowning_face:


1 Like