Uncorrupted Blog

Get the inside scoop from us dirrectly from our own blog

MAY18

Playing with snort and pfSense

by Uncorrupted-Michael

We’ve been having a blast with some new intel atom based pfSense firewalls here in the office. The d510 boards perform amazingly well, even with a slew of snort rules loaded up.

We just replaced one of our Juniper SRX series firewalls with one of these little pfSense boxes and wouldn’t you know one of our own snort rules blocked us. Here’s how we got back in:

Gain access to the pfSense shell. We could have walked over to the box but that involved standing up, placing one foot infront of the other and repeating again and again. Bah, who needs all that.

We SSHd to another machine, and from that machine we SSHd to a machine behind our firewall, and from that we SSHd to the LAN IP associated with our firewall. We logged in, chose option 8 (Local Shell), and did the following:

pfctl -t snort2c -T show

This will show you all the IPs that have been blocked by triggering a snort rule

Then run this to remove you IP

pfctl -t snort2c -T delete xxx.xxx.xxx.xxx

You should add your own IPs to the whitelist to prevent this from happening again. ;)

Category :Technical Articles
Tags : none

Comments

No comments have yet been made. Be the first!

Add your own Comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Sidebar

Grab Our Button

Uncorrupted Hosting - High Performance Managed VPSs

Testimonials

  • testimonial Amy from Amy Loves it says:

    The assistance Uncorrupted has provided me has been priceless. My website would not be what it is without their service.

  • DealSeekingMom.com Testimonial Tara from Deal Seeking Mom says:

    The service that Uncorrupted provides just does not even compare to other hosting companies. I feel secure in knowing that my site is in excellent hands, and I greatly appreciate the personal attention I receive when I need assistance with the technical aspects of my site.

  • couponing101.com testimonial Stephanie from Couponing 101 says:

    Uncorrupted has far exceeded my hosting expectations! You cannot find a more knowledgeable, helpful, and reliable hosting service anywhere else! The tech support provided is invaluable! You won’t be disappointed with Uncorrupted!

  • FaithfulProvisions.com Testimonial Kelly from Faithful Provisions says:

    I have been with a few other hosting providers and NONE even compared to the service I have received with Michael and Uncorrupted. I promise you, you won’t find service like this anywhere.

More Testimonials
compassion

We're loyal donators to Compassion International, a Christian child advocacy ministry that releases children from spiritual, economic, social and physical poverty and enables them to become responsible, fulfilled Christian adults.





Copyright © 2010 Uncorrupted Hosting. All rights reserved. Follow us on TwitterBe our Facebook Fan
Latest Blog Post:

Playing with snort and pfSense

We've been having a blast with some new intel atom based pfSense firewalls here in the office. The d510 boards perform amazingly well, even with a slew of snort...


Visit our Blog