Results 1 to 4 of 4
  1. #1
    Master Untangler
    Join Date
    Dec 2010
    Boerne, TX

    Default IPS Testing Option?

    Thank you for the improvement in IPS, guys. I see the need for IPS, but don't have a lot of experience with it.

    To help new admins ensure the IPS setup is correct, it would be very helpful to have a testing option within the module to notify the sysadmin (via SNMP, email, or at the least via the event log) of a potential problem while the rules are active. With the testing option selected, those rules which are enabled would be used to evaluate traffic but would not block any sessions. This would allow the sysadmin to tune the rules for their network in a testing mode while not impacting traffic. Once the testing option is unchecked, the module will then take action on the traffic based on the selected rules.

  2. #2
    Master Untangler cblaise's Avatar
    Join Date
    Jul 2014
    Burlington, VT


    Thanks for checking it out!

    What you're asking for is how the Log functionality for a rule operates. It simply detects a rule's "hit", logs it to the event log, but does not affect traffic at all.

    To affect the traffic by stopping it, you can enable Block for a rule.

    By default, no rules are ever marked Block by the system (e.g.,Setup Wizard, updated rules), only Log.

  3. #3
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Central PA


    To more clearly define this request, I would like to see a firewall module style [all events / flagged / blocked] filter capability (but always logging everything might well be a burden), OR a single checkbox for log all (rule testing).

    checking all of those checkboxes would be painful.

    Thanks, though for the effort!

  4. #4
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Lake Tahoe


    It was done on purpose. A check all function would bring most boxes to grinding slow pace. Just think of all those regex functions processing on all the sessions!
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

SEO by vBSEO 3.6.0 PL2