OPNsense Forum

Archive => 16.1 Legacy Series => Topic started by: interkrome on February 25, 2016, 07:54:23 am

Title: [SOLVED] Intrusion Detection - Schedule Task
Post by: interkrome on February 25, 2016, 07:54:23 am

Hi!

How possible to schedule the service (suricata) to be shutdown at certain time then restart it back at certain time?

Title: Re: Intrusion Detection - Schedule Task
Post by: interkrome on April 06, 2016, 07:04:44 am

Managed to update the drop-down option from "update IDS rules" to "reload IDS rules" which before this both showing "update IDS rules".

But, how to add another option in that drop-down menu such as start and stop function of suricata. Any idea?

Title: Re: Intrusion Detection - Schedule Task
Post by: AdSchellevis on April 06, 2016, 11:36:30 am

Hi interkrome,

You can build your own configd actions to do so, development documentation is available here https://docs.opnsense.org/development/examples/helloworld.html?highlight=configd (https://docs.opnsense.org/development/examples/helloworld.html?highlight=configd)

For example, create a file here:

Code: [Select]

/usr/local/opnsense/service/conf/actions.d/actions_myactions.conf
Containing something like this:

Code: [Select]

[stop]
command:/usr/local/etc/rc.d/suricata stop
parameters:
type:script
message:reload suricata rules
description: stop suri

(when a description is available, you should be able to schedule the item from https://<your address>/ui/cron/ (https://<your address>/ui/cron/) )


Don't forget to restart configd after adding new templates:

Code: [Select]

service configd restart
Next test your action, using:

Code: [Select]

configctl myactions stop
Regards,

Ad

Title: Re: Intrusion Detection - Schedule Task
Post by: interkrome on April 06, 2016, 01:00:49 pm

It works!

Thanks Ad!