Hi,
I wonderet about this in the release thread of 8.1, however its not the right place to discuss it in detail.
I have IPS enabled, have my LAN configured in local networks, portscan enabled and also TCP, UDP and SYN flood protection enabled.
In the Exceptions tab I put in a rule set for my local network and hosts to be excluded from the IPS scanning engine.
However, everytime we open a laptap that has been hypernating ( with apps running, IE etc etc ) I get warnings about portscan detected from that local IP on my LAN. A side effect is that the Astaro seems to completely ignore the client for around a minute or two - then everything goes back to normal and everything works.
I have tested alot with different configurations and if i disable IPS and all the features it present the problem is not present. So another configuration was IPS on, Port Scan -> log only, but still same problem.
It seems to me that the portscanner does not use the exclutions setup for some reason - why else would it report it and drop the packages if set to drop?
See attached for exclusion rules.
This thread was automatically locked due to age.
