Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
IDS/IPS Restart / Reboot /Rule Change
« previous
next »
Print
Pages: [
1
]
Author
Topic: IDS/IPS Restart / Reboot /Rule Change (Read 2327 times)
karaman
Newbie
Posts: 33
Karma: 0
IDS/IPS Restart / Reboot /Rule Change
«
on:
August 31, 2020, 06:44:55 pm »
Does the Suricata service have to restart or does the firewall have to be completely restarted?
I change rules and they don't work until I restart everything
Logged
karaman
Newbie
Posts: 33
Karma: 0
Re: IDS/IPS Restart / Reboot /Rule Change
«
Reply #1 on:
September 01, 2020, 10:15:02 am »
No body an Idea?
Logged
Fright
Hero Member
Posts: 1777
Karma: 164
Re: IDS/IPS Restart / Reboot /Rule Change
«
Reply #2 on:
September 01, 2020, 10:48:34 am »
can you please be a little more specific. what have you changed in the rule? what steps did you take?
Logged
karaman
Newbie
Posts: 33
Karma: 0
Re: IDS/IPS Restart / Reboot /Rule Change
«
Reply #3 on:
September 01, 2020, 05:45:39 pm »
I have set "ET SCAN Suspicious inbound to MSSQL port 1433" to Alarm only.
Butt the Suricata is still blocking. What must i make after change Rules / Rulesets.
Suricata doesnt use the new Rules.
I have already the Apply Button on Rules and also the Download and apply button.
Logged
Fright
Hero Member
Posts: 1777
Karma: 164
Re: IDS/IPS Restart / Reboot /Rule Change
«
Reply #4 on:
September 01, 2020, 06:02:54 pm »
"Apply" should be enough.
in suricata log shoud be strings -- rule reload starting and -- rule reload complete. after that changes starts working.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
IDS/IPS Restart / Reboot /Rule Change