This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPS rules not working

Hi, guys

 

I have sophos utm using home license, my issue with ips rules, i was trying to attack my servers and my whole network /24, its no logs related this atack or even blocked them. i checked my snort rules i found only this astaro.rules added on /var/chroot-snort/etc/snort/snort.conf.

some events in ips.log
snort[13736]: DynamicPlugin: Rule [3:13947] not enabled in configuration, rule will not be used.
ulogd[4895]: id="2105" severity="info" sys="SecureNet" sub="ips" name="UDP flood detected" action="UDP flood" fwrule="60013" initf="eth1"
ulogd[4895]: id="2104" severity="info" sys="SecureNet" sub="ips" name="ICMP flood detected" action="ICMP flood" fwrule="60014" initf="br0"

 



This thread was automatically locked due to age.