Netgate SG-1000 microFirewall

Author Topic: layer 7 functionality arrives  (Read 268 times)

0 Members and 1 Guest are viewing this topic.

Offline MR-NT

  • Newbie
  • *
  • Posts: 23
  • Karma: +0/-1
    • View Profile
layer 7 functionality arrives
« on: January 29, 2018, 03:20:07 pm »
Dear All

if you please can any one support me of how to use snort + OpenAppID to block application like psiphon , ultrsurf ....etc
i have found that new announce from netgate with this links about this issue

https://www.netgate.com/blog/application-detection-on-pfsense-software.html
https://doc.pfsense.org/index.php/Setup_Snort_Package

any tutorials for this

many thanks in advance

Offline ivor

  • Administrator
  • Hero Member
  • *****
  • Posts: 728
  • Karma: +154/-135
    • View Profile
    • Netgate
Re: layer 7 functionality arrives
« Reply #1 on: January 29, 2018, 05:08:00 pm »
Your second link is a tutorial. Why not set it up and see if it picks up what you need? There's also this very nice video that covers the setup https://youtu.be/-GgqYq5-EBg
Need help fast? Commercial support: https://www.netgate.com/support/

Offline fredlubrano

  • Newbie
  • *
  • Posts: 10
  • Karma: +0/-0
    • View Profile
Re: layer 7 functionality arrives
« Reply #2 on: January 31, 2018, 01:49:11 pm »
Hi,

this does not work when the explicit proxy is configured.
example, I configure the squid + sslbump on a vlan (ex: vlan10), i configure snort on the vlan10 with all appID = Result nothing is detected
without the proxy everything is detected by appID.

Thanks

Best regards,

fred