JoppeOostenrijk
src_ip = 192.168.1.178 dest_ip = 142.251.39.110 (not exactly, but the same type of Google IP, currently no access to this machine) suppression rule = 192.168.1.178 (mistyped the IP in the...
Hi, it seems to have worked to stop generating alerts. However, when trying to build Suricata (through ruleset update) it throws a "nosuchpatherror at /suricata/update" error at the build stage...
I reinstalled the docker containers, also cleaning their data, however, it doesn't seem to have fixed the issue after all. With the suppression rule the traffic still generates alerts.
Hi yes, I just completely removed it from my system and cloned it again to make it work, double checked the selks6_addin.yaml to be sure.
Hi Peter, I think you misunderstood, it still doesn't suppress the alerts for me.
Hi @pevma, the contents are: `cat /etc/suricata/rules/threshold.config` `suppress gen_id 1, sig_id 2008983, track by_src, ip 192.168.1.179` `suppress gen_id 1, sig_id 2008983, track by_src, ip 192.168.1.0/24` `suppress gen_id 1, sig_id...
These are the suppressions I added specifically to those rules.
Hi, I think you understand correctly, see images below.  