Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Policy Suricata not working
« previous
next »
Print
Pages:
1
2
[
3
]
Author
Topic: Policy Suricata not working (Read 15387 times)
someone
Full Member
Posts: 115
Karma: 2
Re: Policy Suricata not working
«
Reply #30 on:
October 08, 2024, 04:48:09 am »
if changed individual rules may have to reinstall, caused me issues
Policy can select individual rulesets or leave blank for all
Two actions... one at top and one near the bottom
The one near the top defines what it is set to, should the default disabled, alert,drop
The action at the bottom is what you want to change the top defined action to, me its drop
Once one is made and can see how it works, should make several depending on needs
Click apply, if you did all, you will have to wait several hours to see it in Intrusion Detection > Rules
There will be two suricata engines running
One is rewriting every single rule to drop, it takes a long while, 150,000 rules
When its done all rules will be set to drop and can see it in the rules section
Suricata will change them all if that is what you set the policy to do, it takes time
If the rules are downloaded and opened , they show suricata rewrote every rule to drop
If disabled is included in the top action and all rulesets chosen by leaving rulesets blank
All disabled rules will be enabled and set to drop if that is the action at the bottom of page called new action
I run all rulesets rules enabled and set to drop, need a couple policies to not block certain social media and paypal when needed
disable one policy and enable another
When finished switch them back
Logged
Print
Pages:
1
2
[
3
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Policy Suricata not working