Text only | Text with Images

OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: harsing on October 18, 2022, 09:05:40 AM

Title: Can't download rules and enable IDS
Post by: harsing on October 18, 2022, 09:05:40 AM
Hi,
When I try to download rules for IDS it just times out. Occasionally I get python errors. From log:

Code Select

2022-10-18T08:50:12 Error configd.py Timeout (120) executing : ids list rulemetadata

2022-10-18T08:48:10 Error configd.py Timeout (120) executing : ids update

2022-10-16T23:00:05 Error configd.py [28fe2645-cd6e-4e97-8c16-5cd33c0fd03e] Script action failed with Command
'/usr/local/opnsense/scripts/suricata/listRuleMetadata.py ' returned non-zero exit status 1. at Traceback (most recent call last):
File "/usr/local/opnsense/service/modules/processhandler.py", line 482, in execute subprocess.check_call(script_command,
env=self.config_environment, shell=True, File "/usr/local/lib/python3.9/subprocess.py",
line 373, in check_call raise CalledProcessError(retcode, cmd) subprocess.
CalledProcessError: Command '/usr/local/opnsense/scripts/suricata/listRuleMetadata.py '
returned non-zero exit status 1.


Can someone point me in the right direction? I'm pretty new to OPNsense so I might have missed something basic.

Regards,
Matts
Title: Re: Can't download rules and enable IDS
Post by: featheredfifth on March 29, 2023, 10:43:13 AM
QuoteWhen I try to download rules for IDS it just times out. Occasionally I get python errors. basket random (https://basketrandom.io) 
Hi everyone,
I have the same issue. Hope someone can explain in more detail.
Title: Re: Can't download rules and enable IDS
Post by: Melroy vd Berg on July 16, 2024, 10:37:32 PM
You need to "edit" the rule first and select "Enable" checkbox. Then try to press Download & Update Rules.. I know it's stupid.
Title: Re: Can't download rules and enable IDS
Post by: Greg_E on July 18, 2024, 04:03:29 PM
You just need to enable the rule first, then you can download it and edit it later. That caught me when I went from testing to production hardware and free to Business and I forgot I have to enable the rule before it would download.

It does kind of make sense, no reason to download a rule if it isn't going to be enabled to alert or drop, this helps prevent the rule list from being really big, which should improve scanning time.
Title: Re: Can't download rules and enable IDS
Post by: actresshear on November 14, 2024, 11:01:31 AM
I also had the same problem and followed a few suggestions from everyone but the problem remained the same :'(
Title: Re: Can't download rules and enable IDS
Post by: someone on November 21, 2024, 12:13:11 AM
at the top click to check all rules, all rules will get checkmark
At the top click on enable
With all rules enabled and with checkmarks then go to bottom and click download
Text only | Text with Images