OPNsense Forum
English Forums => Intrusion Detection and Prevention => Topic started by: dyonis0s on March 13, 2019, 02:02:51 pm
-
Hello,
I'm using OPNSense in an architecture that is not connected to Internet.
I would like to use the IDS/IPS and especially import rulesets.
Is there a way to do that without Internet ?
Thank you :)
-
Hi dyonis0s,
You can drop them directly into a rule dir on the file system, but I don't exactly remember which one.
It should have been noted in the forum previously.
Cheers,
Franco
-
I'm using OpnSense 18.7.10 (haven't upgraded yet due to the kernel panic issue).
There the Suricata rules are stored in these two folders:
/usr/local/etc/suricata/rules/
/usr/local/etc/suricata/opnsense.rules/
Not sure if both are needed...
I also add my custom rules files names to /usr/local/etc/suricata/installed_files.yaml
-
Thank you for your help ;).
I'll give a try !