Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 

Create rule from deny log

Hi,

I get a question from one of my customer.

It is possible to create a rule from dropped rule like pfsense ?
https://docs.netgate.com/pfsense/en/latest/firewall/adding-rules-with-easyrule.html

 

We can create a host from an IP, I believe we can create a new rule from an IPS logs, but nor from a firewall log ?

 

Someone know a solution about this ?

 

Thanks,
Arthur

0 Kudos
2 Replies
Highlighted
Admin
Admin

Re: Create rule from deny log

The use case for IPS is far simpler to implement in that you're making an exception to an existing rule.
Access Control policies are a little more complex in terms of rule placement and exactly what the rule should be to allow the dsired traffic.
As such, there is no "create an access control rule from a drop log" functionality currently.
0 Kudos
Highlighted

Re: Create rule from deny log

Ok, thanks for the confirmation.

0 Kudos