Author Topic: Can't change IDS Rules to drop (Read 1869 times)

lfirewall1243 · « **on:** January 31, 2021, 05:53:40 pm »

After the Upgrade I can't enable the IDS Rules for blocking
Before I could change it unter IDS->Download

But now there isn't a button to "enable drop" for the market rules

mnaim · « **Reply #1 on:** January 31, 2021, 10:18:39 pm »

It was migrated to IDS - Policy menu.

lfirewall1243 · « **Reply #2 on:** February 01, 2021, 09:32:48 am »

Quote from: mnaim on January 31, 2021, 10:18:39 pm

It was migrated to IDS - Policy menu.

So it isnt possible to set a whole group for example "ET open/botcc" to drop.

I always have to choose each rule over the Rules Filter. right?
Or ist there a Button to Filter like "all CVE Rules", so that i dont have to click on each single CVE Rule

mnaim · « **Reply #3 on:** February 01, 2021, 12:42:55 pm »

Yes it is possible. Create policy Rule set = ET open/botcc.
Action = Alert, New action = Drop

all CVE Rules - if you do not select any specific, it means all

lfirewall1243 · « **Reply #4 on:** February 01, 2021, 12:48:15 pm »

Quote from: mnaim on February 01, 2021, 12:42:55 pm

Yes it is possible. Create policy Rule set = ET open/botcc.
Action = Alert, New action = Drop

all CVE Rules - if you do not select any specific, it means all

Found it

Thank you!!!

Author Topic: Can't change IDS Rules to drop (Read 1869 times)

lfirewall1243

Can't change IDS Rules to drop

mnaim

Re: Can't change IDS Rules to drop

lfirewall1243

Re: Can't change IDS Rules to drop

mnaim

Re: Can't change IDS Rules to drop

lfirewall1243

Re: Can't change IDS Rules to drop