If I wish to change say, vars.address-groups.SMTP_SERVERS, what syntax to use in /usr/local/opnsense/service/templates/OPNsense/IDS/custom.yaml without having to re-declare the entire vars.address-groups?
Many thanks.
Seems this is not possible without modifying suricata.yaml or the jinja template, to have a nested include in vars.address-groups.
Yaml config does not support overlays. I want to avoid modifying package files :-(