Last active
November 20, 2025 22:15
-
-
Save msghens/f009a00d3ab3a1d025c59b1ea32d6ae9 to your computer and use it in GitHub Desktop.
My Suricata pfsense suppress list
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #SURICATA STREAM ESTABLISHED packet out of window | |
| suppress gen_id 1, sig_id 2210020 | |
| #SURICATA STREAM reassembly overlap with different data | |
| suppress gen_id 1, sig_id 2210050 | |
| #SURICATA STREAM excessive retransmissions | |
| suppress gen_id 1, sig_id 2210054 | |
| #SURICATA zero length padN option | |
| suppress gen_id 1, sig_id 2200094, track by_dst, ip ff02::16 | |
| #SURICATA TCP option invalid length | |
| suppress gen_id 1, sig_id 2200036 | |
| #SURICATA STREAM FIN out of window | |
| suppress gen_id 1, sig_id 2210038 | |
| #SURICATA TLS invalid record version | |
| suppress gen_id 1, sig_id 2230015 | |
| #ET POLICY PE EXE or DLL Windows file download HTTP | |
| suppress gen_id 1, sig_id 2018959 | |
| #SURICATA STREAM Packet with invalid ack | |
| suppress gen_id 1, sig_id 2210045 | |
| #SURICATA STREAM TIMEWAIT ACK with wrong seq | |
| suppress gen_id 1, sig_id 2210042 | |
| #SURICATA STREAM ESTABLISHED invalid ack | |
| suppress gen_id 1, sig_id 2210029 | |
| #SURICATA TLS invalid record/traffic | |
| suppress gen_id 1, sig_id 2230010 | |
| #SURICATA STREAM Packet with invalid timestamp | |
| suppress gen_id 1, sig_id 2210044 | |
| #SURICATA STREAM CLOSEWAIT FIN out of window | |
| suppress gen_id 1, sig_id 2210016 | |
| #SURICATA TLS error message encountered | |
| suppress gen_id 1, sig_id 2230009 | |
| #SURICATA STREAM Last ACK with wrong seq | |
| suppress gen_id 1, sig_id 2210039 | |
| #SURICATA TLS invalid handshake message | |
| suppress gen_id 1, sig_id 2230003 | |
| #SURICATA UDPv4 invalid checksum | |
| suppress gen_id 1, sig_id 2200075, track by_src, ip 10.13.1.1 | |
| #SURICATA ICMPv4 invalid checksum | |
| suppress gen_id 1, sig_id 2200076, track by_dst, ip 10.13.1.1 | |
| #SURICATA ICMPv4 invalid checksum | |
| suppress gen_id 1, sig_id 2200076, track by_src, ip 8.8.8.8 | |
| #SURICATA ICMPv4 invalid checksum | |
| suppress gen_id 1, sig_id 2200076, track by_src, ip 8.8.4.4 | |
| #SURICATA HTTP response field missing colon | |
| suppress gen_id 1, sig_id 2221020 | |
| #SURICATA DNS Unsolicited response | |
| suppress gen_id 1, sig_id 2240001, track by_src, ip 10.13.1.1 | |
| #SURICATA DNS Unsolicited response | |
| suppress gen_id 1, sig_id 2240001, track by_src, ip 8.8.8.8 | |
| # Breaks Stamps.com | |
| #SURICATA HTTP unable to match response to request | |
| suppress gen_id 1, sig_id 2221010 | |
| #Breaks AAII StockInvestor Pro | |
| #SURICATA Applayer Detect protocol only one direction | |
| suppress gen_id 1, sig_id 2260002 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment