Netgate SG-1000 microFirewall

Author Topic: Suricata Pass List Setup Questions/Issues  (Read 210 times)

0 Members and 1 Guest are viewing this topic.

Offline h2obuffalo

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Suricata Pass List Setup Questions/Issues
« on: December 26, 2017, 12:52:10 pm »
I am trying to set up a pass list for Suricata so my cloud-based POS system does not get blocked. I have the IP addresses, but its hosted by CloudFlare. CloudFlare doesn't allow for direct IP address access(see attached), so when I put in the IPs into the alias section I get "Could not fetch the URL." When I use the FQDN, it works, but Suricata does not use FQDNs.

-Is there any sort of work around while still using IPs?
-Or am I limited to going though alerts and blocks to filter out the rules that are blocking the POS system?

Thanks!
Alex

Offline Birke

  • Jr. Member
  • **
  • Posts: 82
  • Karma: +14/-0
    • View Profile
Re: Suricata Pass List Setup Questions/Issues
« Reply #1 on: December 27, 2017, 08:27:43 am »
what type of alias are you using? seems like you use URL(IPs).
try to add the ip to a host-type-alias or use a network-type-alias.