OPNsense Forum
Archive => 17.1 Legacy Series => Topic started by: Taomyn on May 30, 2017, 09:48:20 pm
-
As I seem to have gotten IDS/IPS to spark into life, I'd really like to reset it back to defaults as it would be on a fresh OPNsense installation. How can I do this?
My current tests with both pattern options drops my Internet speed to 10% i.e. 20Mbit from 200Mbit, which as you can imagine is not what I want. I want to eliminate any rules/settings I may have set in the past and start from scratch to see if that helps.
-
hi,
at the CLI console choose option 4 (reset to factory defaults)
unforfunately all configurations will be erased.
you must perform configuration backup found in System>Configuration>Backups
prior to reset and choose what features to restore after the reset.
Hope this helps.
OPNSENSE ROCKS!!!!!
-
Hi, thanks for the response, but I'm not at a point where I want to fully reset my box just for this one module - I'm not really convinced any kind of backup will fully restore everything except the one part I don't want, e.g. what about all my Let's Encrypt certificates/settings are they captured and stored for restoration?
Surely there has to be a away to reset just Suricata? Can it be uninstalled and it's config files deleted afterwards? If my experience with a small Fedora server running ownCloud is anything to go by, uninstalling it then simply re-installing it doesn't lose my config, so to really start from scratch I'd have to manually delete the remaining files.
hi,
at the CLI console choose option 4 (reset to factory defaults)
unforfunately all configurations will be erased.
you must perform configuration backup found in System>Configuration>Backups
prior to reset and choose what features to restore after the reset.
Hope this helps.
OPNSENSE ROCKS!!!!!
-
Hi Taomyn,
There isn't much to reset. You can reinstall the package, but most firmware updates do this (17.1.8 will for example). The config files are regenerated, so it's doing a reset all the time.
Maybe you want to consider deleting the IDS Section in the config.xml manually to erase GUI settings for IDS?
The question is: what are you really worried about that could linger in the IDS?
Cheers,
Franco