Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Properly whitelisting #19156

Open
DigiAngel opened this issue May 1, 2023 · 4 comments
Open

Properly whitelisting #19156

DigiAngel opened this issue May 1, 2023 · 4 comments
Labels
question support

Comments

@DigiAngel
Copy link

So...I have this which I'd like to whitelist:

May  1 13:28:01  CEF: 0|Maltrail|sensor|0.56|2023-04-30|long ___domain (suspicious)|1|src=*.*.*.* spt=10717 dst=*.*.*.* dpt=53 trail=(e0d67c50a7e624febcb2fe3f88c2aa.baas).nintendo.com ref=(heuristic)

I added nintendo.com to my maltrail.conf (USER_WHITELIST ./whitelist.txt), but I still see this after restarting. How does one correctly whitelist something like this? Thank you.
@MikhailKasimov
Copy link
Collaborator

Whitelisted globally: 449b3c6

@DigiAngel
Copy link
Author

Hey thanks...is there a reason this does not appear to work when I added it to my custom whitelist?

@MikhailKasimov
Copy link
Collaborator

Will try to play with it on my side. More likely to be able to play on weekend.

@DigiAngel
Copy link
Author

Thanks friend!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question support
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@DigiAngel @MikhailKasimov