I know Bill (bmeeks) hangs out in the web forums but since they're 
offline, does anyone know if it is possible to allow an IP for Suricata when 
it's in Inline mode?  I see lots of examples like:

pass ip any <> any any (msg:"pass all traffic from/to"; 

...but I gather that is tied to the specific rule/sid?

        The use case is it seems to be triggering on our Nagios monitoring of 
our web servers and I'd like to just whitelist our office IPs rather than 
trying to manage bunch of rules.

        (for those unaware, Pass Lists will be removed from Inline mode:


Steve Yates
ITS, Inc.

pfSense mailing list
Support the project with Gold! https://pfsense.org/gold

Reply via email to