  • I confirm. I'm using ClearOS Home Edition, and since the last intrusion-prevention update no more IPs are banned; before that I had a lot of banned IPs.
    A quick look in /etc/snort.d/rules/clearcenter: only one alert activates snortsam.

    What I did:
    cat /etc/snort.d/rules/clearcenter/*.rules | grep fwsam:

    and this is what I get:

    Every rule that normally should activate snortsam is missing this statement "fwsam: src, 1 day;)" at the end of each alert.
    So please, ClearCenter, could you investigate.
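
A per-file version of the check in the post above, added here as an example; it is not part of the original post and not ClearCenter's tooling. It counts active `alert` rules with and without an `fwsam:` option, so files that lost the option stand out. The function names and the sample rules are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit Snort rule files for the snortsam "fwsam:" option.

# count_fwsam FILE -> prints "<with> <without>" for active (uncommented)
# alert rules in FILE. Commented-out rules are ignored.
count_fwsam() {
    awk '
        /^[ \t]*alert[ \t]/ {
            if ($0 ~ /fwsam:[^;]*;/) hit++; else miss++
        }
        END { printf "%d %d\n", hit, miss }
    ' "$1"
}

# audit_rules_dir DIR -> one summary line per *.rules file in DIR.
audit_rules_dir() {
    dir=$1
    for f in "$dir"/*.rules; do
        [ -f "$f" ] || continue
        counts=$(count_fwsam "$f")
        printf '%s: with_fwsam=%s without_fwsam=%s\n' \
            "${f##*/}" "${counts% *}" "${counts#* }"
    done
}

# make_sample DIR -> writes a constructed rule file (not real ClearCenter rules).
make_sample() {
    cat > "$1/sample.rules" <<'EOF'
alert tcp any any -> any 22 (msg:"constructed rule A"; sid:1000001; rev:1; fwsam: src, 1 day;)
alert tcp any any -> any 23 (msg:"constructed rule B"; sid:1000002; rev:1;)
# alert tcp any any -> any 25 (msg:"commented out"; sid:1000003; fwsam: src, 1 day;)
alert udp any any -> any 53 (msg:"constructed rule C"; sid:1000004; rev:1;)
EOF
}

# Demo on the constructed sample; point audit_rules_dir at a real rules
# directory to audit an installed rule set.
demo_dir=$(mktemp -d)
make_sample "$demo_dir"
audit_rules_dir "$demo_dir"
rm -rf "$demo_dir"
```

On the system described in the post, the directory to pass would be /etc/snort.d/rules/clearcenter.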