OPNsense Forum

English Forums => Intrusion Detection and Prevention => Topic started by: jclendineng on July 05, 2018, 12:38:07 am

Title: Suricata rules Management
Post by: jclendineng on July 05, 2018, 12:38:07 am
First off, new user from pfSense, this is absolutely awesome. Like it way better. Question: Are there plans to implement any form of rules management for Suricata? Suppression, rules whitelist, etc. I can manually edit specific rules, but when you have hundreds if not thousands of rules, it can become a bit time-consuming :D
Title: Re: Suricata rules Management
Post by: franco on July 05, 2018, 08:36:27 am
This is happening at the moment, a purpose-built fork: https://github.com/OPNids

Hopefully they will help in adding more of these features you talk about and push them back to OPNsense.

As I'm not involved I can't possibly say more.


Cheers,
Franco
Title: Re: Suricata rules Management
Post by: mimugmail on July 05, 2018, 09:14:30 am
How old/young/new is this project?
Title: Re: Suricata rules Management
Post by: franco on July 05, 2018, 09:15:38 am
very early stage


Cheers,
Franco
Title: Re: Suricata rules Management
Post by: l0rdraiden on January 13, 2019, 10:23:18 pm
Quote from: franco
very early stage


Cheers,
Franco

What are the plans to integrate this into OPNsense?
Will it be a plugin or will it be part of the core?
Title: Re: Suricata rules Management
Post by: franco on January 14, 2019, 10:35:44 am
https://twitter.com/OPNids/status/1075110790775169024

Best asked of the people who work on the project. :)


Cheers,
Franco