OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: Noctur on February 08, 2018, 04:51:02 pm

Title: IDS/IPS Plugins - Snort Rules PT Research Rules not loaded config reinstall
Post by: Noctur on February 08, 2018, 04:51:02 pm: In my upgrade from 17.1.12_1 to 18.1.1 I used a backup config file to reinstall my settings. In those settings I had the Snort/VRT rules tagged and had my ID and rules version file input.

On inspection, I noted the packages for Snort VRT and PT Research rulesets were not checked in the packages. Checking the IDS rules, they were not present.

After installing the packages my Snort user ID and rules file version were present. I was able to download and install those rules.

It looks like restoring a prior config is not capturing the all of the installed packages.
Title: Re: IDS/IPS Plugins - Snort Rules PT Research Rules not loaded config reinstall
Post by: franco on February 12, 2018, 06:31:00 pm: There is an open ticket for remembering plugins, but besides mentioning it we can't do more. Auto-installing plugins is risky and crosses a barrier to always invoke user-interaction before doing something. And that is assuming a connection is up and running....

https://github.com/opnsense/core/issues/1663

Cheers,
Franco

SMF 2.0.19 | SMF © 2021, Simple Machines
Privacy Policy