Allow domain and all subdomains/redirects

aperry72 · September 20, 2024, 3:07pm

Hello,

I want to allow users to blaa.com and any subdomains or redirects that blaa.com sends them to. I don’t want to have to figure out all the subdomains and redirects and add those into my rule sets. Is there a way to allow the connection to blaa.com and then all redirects in the session?

The issue I am having is that users can get to blaa.com, but the web page is not complete because the page redirects to other domains, or pulls data from other domains.

Philippe_Antoine · September 22, 2024, 6:54pm

Do you mean you have a rule that blocks traffic by default ?

aperry72 · September 24, 2024, 4:29pm

Yes, the firewall blocks by default. We have a whitelist for blaa.com, but it breaks because the other domains and redirects from blaa.com are not in the whitelist.

Philippe_Antoine · September 24, 2024, 6:38pm

What is your Suricata rule for this white list ?

Topic		Replies	Views
Suricata allow domain URI Help rules	1	1403	September 12, 2023
How to allow HTTPs but block all other protocol Help rules , suricata	2	357	August 2, 2024
Suricata on AWS network firewall Help ips , suricata	0	1058	September 24, 2022
AWS Network Firewall Stateful (Suricata) rules not working - Pass TLS only Help rules	5	1488	August 16, 2023
Understanding tls.sni rules Rules	4	3467	December 20, 2022

Allow domain and all subdomains/redirects

Related topics