Hello to all,
As you might know there is a feature in pfsense called suppress list where you can add source or destination ip addresses along with a rule causing the alert to bypass it. But that is not available in ipfire. So is there any way so I can add suppress list on suricata by hand? Thanks.
Good night @rezafathi
Isn’t this here?
When I have had false detection issues, I have added the IP here and it has worked for me. I don’t know if this is what you are looking for.
You will tell us.
Thank you. Yes I know it but in white listing you specify an ip and you will never get any alerts for that ip. What i want is that you could suppress rules for only source or destination along with only rule which triggered the alert.
I don’t know, maybe a developer can guide you, but I imagine that this feature is not implemented.