OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • Intrusion Detection and Prevention »
  • Manualy import rulesets
« previous next »
  • Print
Pages: [1]

Author Topic: Manualy import rulesets  (Read 3458 times)

dyonis0s

  • Newbie
  • *
  • Posts: 6
  • Karma: 0
    • View Profile
Manualy import rulesets
« on: March 13, 2019, 02:02:51 pm »
Hello,

I'm using OPNSense in an architecture that is not connected to Internet.
I would like to use the IDS/IPS and especially import rulesets.

Is there a way to do that without Internet ?

Thank you :)
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 17703
  • Karma: 1616
    • View Profile
Re: Manualy import rulesets
« Reply #1 on: March 14, 2019, 11:59:05 am »
Hi dyonis0s,

You can drop them directly into a rule dir on the file system, but I don't exactly remember which one.

It should have been noted in the forum previously.


Cheers,
Franco
Logged

MakesSense

  • Newbie
  • *
  • Posts: 17
  • Karma: 2
    • View Profile
Re: Manualy import rulesets
« Reply #2 on: March 15, 2019, 01:03:59 pm »
I'm using OpnSense 18.7.10 (haven't upgraded yet due to the kernel panic issue).

There the Suricata rules are stored in these two folders:

/usr/local/etc/suricata/rules/
/usr/local/etc/suricata/opnsense.rules/

Not sure if  both are needed...

I also add my custom rules files names to /usr/local/etc/suricata/installed_files.yaml
Logged

dyonis0s

  • Newbie
  • *
  • Posts: 6
  • Karma: 0
    • View Profile
Re: Manualy import rulesets
« Reply #3 on: March 15, 2019, 02:49:16 pm »
Thank you for your help ;).

I'll give a try !
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • Intrusion Detection and Prevention »
  • Manualy import rulesets
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2