From 4a79cb9aed769dd5c8f93f36b2f8b54b22bd314c Mon Sep 17 00:00:00 2001 From: Ad Schellevis Date: Tue, 3 Oct 2023 09:18:50 +0200 Subject: [PATCH] Services: Intrusion Detection - make a note about emulated mode as this is often a more stable solution when there are traffic issues with network cards / drivers. --- source/manual/ips.rst | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/source/manual/ips.rst b/source/manual/ips.rst index b6f60931..3b977fb3 100644 --- a/source/manual/ips.rst +++ b/source/manual/ips.rst @@ -65,8 +65,10 @@ drop the packet that would have also been dropped by the firewall. .. Note:: - IDS mode is available on almost all (virtual) network types. IPS mode is - *only* available with `supported physical adapters`_. + IDS mode is available on almost all (virtual) network types. + When your network card is not (fully) supported, you can set the tunable :code:`dev.netmap.admode` to the value :code:`2` + in which case emlated mode will be enforced (Configurable in :menuselection:`System --> Settings --> Tunables`). A list of natively + `supported physical adapters`_ is available in the FreeBSD man page. .. _RFC 1918: https://tools.ietf.org/html/rfc1918 .. _supported physical adapters: https://www.freebsd.org/cgi/man.cgi?query=netmap&sektion=4&manpath=FreeBSD+12.1-RELEASE+and+Ports#SUPPORTED_DEVICES