[SOLVED] Edited changes to suricata.yaml do not hold in OPNsense 19.1.4-amd64

antonym · March 19, 2019, 03:07:12 AM

I am able to make changes to paramaters in suricata.yaml , and the file appears to save properly with the edits (file size changes after initially being saved with the edits), but then the file reverts back to the original form and size again (as if never edited) as soon as suricata is enabled again. I tried many variations of trying to edit this file: making the edits on the desktop, then using scp to transfer to the OPNSense router; making the edits from within the OPNSense shell (ssh) using vi. The edits made to this file just don't stick. Anyone else having this problem? Anyone know what the cause it and how to fix it?

franco · March 19, 2019, 07:47:53 AM

Hi antonym,

The sticky file is:

/usr/local/opnsense/service/templates/OPNsense/IDS/custom.yaml

suricata.yaml is supposed to be overwritten in order to keep a coherent configuration.

Cheers,
Franco

antonym · March 19, 2019, 02:06:40 PM

Hi Franco

Thank you very much for the instruction, and quick reply. I'll do that next.

Regards
Ant

[SOLVED] Edited changes to suricata.yaml do not hold in OPNsense 19.1.4-amd64

antonym

March 19, 2019, 03:07:12 AM Last Edit: March 20, 2019, 10:19:22 PM by franco

franco

March 19, 2019, 07:47:53 AM #1

antonym

March 19, 2019, 02:06:40 PM #2