Denton22

Without changing my rules, and just loading my test.xml with the following entrys: pass quick inet from {any} to {any} keep state label "6563996381efaf45b6258349f0bf9640" # TEST RULE pass quick inet6...

I think i may have found somthing that is current: https://reviews.freebsd.org/rGd1f4b9ffabbcc2c29ab83435bd73b0670818bbd1 This is a commit from april of 2025 in the pf_normalisation about icmp "Too BiG" not actually beeing sent...

> The route-to rules are created when in "Interface -> WAN (e.g.)" the "IPv4" or "IPv6" gateway rules dropdown is populated with a gateway (when the configuration is static). If...

@Monviech i will test your commands later. I can however tell you that i have removed it in a different way, so this rule (in my rule set) ist depended...

1.add static ipv4 route 2. add static ipv6 route like shown under route status 3. enable "disable force gateway" 4. verify with "cat /tmp/rules.debug | grep -i "route-to"" that we...

@fichtner Thank you for the info

I am facing the same issue since 2025-05-18 Same issue in the log: 2025-05-22T10:30:04 | Error | suricata | [101184] -- Just ran out of space in the queue. Please...

Ok so simpy changing the Pattern Matching to "hyperscan" fixed the issue.... There seems to be a bug in the "Default" Pattern Matcher

I just wanted to chime in again, so after having it running for some days, i can observe a higher interrupt rate, but it is not scary high. I do...

@brungu The current way of key / certificate managment is more or less in line with other security device vendors. You can extract Private Keys in Fortigates, Checkpoint, F5 etc......