Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Arthur_DENIS1
Advisor
Advisor

Create rule from deny log

Hi,

I get a question from one of my customer.

It is possible to create a rule from dropped rule like pfsense ?
https://docs.netgate.com/pfsense/en/latest/firewall/adding-rules-with-easyrule.html

 

We can create a host from an IP, I believe we can create a new rule from an IPS logs, but nor from a firewall log ?

 

Someone know a solution about this ?

 

Thanks,
Arthur

0 Kudos
2 Replies
PhoneBoy
Admin
Admin

The use case for IPS is far simpler to implement in that you're making an exception to an existing rule.
Access Control policies are a little more complex in terms of rule placement and exactly what the rule should be to allow the dsired traffic.
As such, there is no "create an access control rule from a drop log" functionality currently.
0 Kudos
Arthur_DENIS1
Advisor
Advisor

Ok, thanks for the confirmation.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events