Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Some ET rulesets emtpy
« previous
next »
Print
Pages: [
1
]
Author
Topic: Some ET rulesets emtpy (Read 1839 times)
Bobox
Newbie
Posts: 1
Karma: 0
Some ET rulesets emtpy
«
on:
December 03, 2020, 11:20:37 am »
Hi there,
finally switched from pfSense to OPNsense 20.1 and I really like it
I'm using the telemetry rule set with the code from Deciso.
One problem though, I was wondering why Suricata does not catch ET CINS, ET DROP or ET COMPROMISED anymore like it did frequently on my pfSense Suricata.
It seems the respective rulesets are empty, just enabled and downloaded all as a test fo this. All the 58B sized are empty.
How do I fix this?
ufabetyou
Logged
chemlud
Hero Member
Posts: 2486
Karma: 112
Re: Some ET rulesets emtpy
«
Reply #1 on:
December 03, 2020, 02:47:14 pm »
Hi to OPNsense!
Screenshot of IPS -> Download page maybe? :-)
Where did yo see this 58 bit empty file?
Logged
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare
felix eichhorns premium katzenfutter mit der extraportion energie
A router is not a switch - A router is not a switch - A router is not a switch - A rou....
franco
Administrator
Hero Member
Posts: 17668
Karma: 1611
Re: Some ET rulesets emtpy
«
Reply #2 on:
December 03, 2020, 07:54:55 pm »
Hi,
Maybe the same as
https://github.com/opnsense/core/issues/4479
-- telemetry is an ET Pro set and some ET Open sets are not available / deprecated / substituted.
Cheers,
Franco
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Some ET rulesets emtpy