[Oisf-users] Fwd: Unblock whatsapp
James Moe
jimoe at sohnen-moe.com
Thu Jan 16 21:18:33 UTC 2020
On 2020-01-15 1:15 PM, Владислав Дубов wrote:
> Thank you. 195.68.154.66 is our pfSense router, which hosts Suricata and
> connects our LAN to the outside WAN.
>
Ah. That's helpful.
I also wanted the IP address for whatsapp.com for your locale.
Looking at the log, at 10:56:07 a lot of DNS requests are listed, followed by
some email, then a large amount of traffic between 94.124.195.19 and
195.68.154.75. It continues throughout the day.
> When the 'messy' things start, I cannot even open the Whatsapp home page in my
> browser.
>
How much memory does the router have?
How much free RAM is available when Suricata is running? If the router is
swapping to disk, that slows processing to teletype speeds.
What is the CPU usage when Suricata is running? Suricata is quite demanding of
CPU resources.
Please try disabling the SURICATA rules. In disable.conf add:
# Disable all SURICATA rules
re:SURICATA
--
James Moe
moe dot james at sohnen-moe dot com
520.743.3936
Think.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20200116/a8896c99/attachment.sig>
More information about the Oisf-users
mailing list