I am looking for the most efficient way to white list anyclient ( they have tonnes of IPs / relay domains ) in Snort installed on pfsense? Aim is to access my internal resources from Starbucks while connected via Wireguard? Do I need both a WAN and LAN interface for Snort ?
Install Snort, put it on LAN, don’t turn on blocking, use the tools and do the work you want to do, go through rules and disable the false positives.