[Oisf-users] Oisf-users Digest, Vol 106, Issue 11
erik clark
philosnef at gmail.com
Sat Sep 15 12:14:28 UTC 2018
Use threshold config file. There are examples of whitelisting in the file
On Sat, Sep 15, 2018 at 8:00 AM
<oisf-users-request at lists.openinfosecfoundation.org> wrote:
>
> Send Oisf-users mailing list submissions to
> oisf-users at lists.openinfosecfoundation.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> or, via email, send a message with subject or body 'help' to
> oisf-users-request at lists.openinfosecfoundation.org
>
> You can reach the person managing the list at
> oisf-users-owner at lists.openinfosecfoundation.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Oisf-users digest..."
>
>
> Today's Topics:
>
> 1. Whitelist IP Confirmation (Mesra.net CEO)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sat, 15 Sep 2018 05:12:16 +0800
> From: "Mesra.net CEO" <admin at mesra.my>
> To: <oisf-users at lists.openinfosecfoundation.org>
> Subject: [Oisf-users] Whitelist IP Confirmation
> Message-ID: <431E4DF000BB478FAFD2AA7B47B7231B at DellPC>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Dear Suricata
>
> My Suricata machine are work as standalone and not as IPS, what i mean is all the traffic are streaming from Mikrotik firewall to my Suricata machine and filter by some rules before sending trigger back to Mikrotik, my script will monitor anything from fast.log by the word [wDrop] and collect the ip and send back to Mikrotik to do blocking, so my question is how can i make a rules or long list of Whitelist IP and by that Suricata will filter all those Whitelist IP and not list as [wDrop] on fast.log ?
>
> Please advice and thank you so much
>
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180915/24b02a46/attachment-0001.html>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> Oisf-users mailing list
> Oisf-users at lists.openinfosecfoundation.org
> https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>
>
> ------------------------------
>
> End of Oisf-users Digest, Vol 106, Issue 11
> *******************************************
More information about the Oisf-users
mailing list