Can't change IDS Rules to drop

Started by lfirewall1243, January 31, 2021, 05:53:40 PM

Previous topic - Next topic
January 31, 2021, 05:53:40 PM Last Edit: February 01, 2021, 09:40:43 AM by lfirewall1243
After the Upgrade I can't enable the IDS Rules for blocking
Before I could change it unter IDS->Download

But now there isn't a button to "enable drop" for the market rules
(Unoffial Community) OPNsense Telegram Group: https://t.me/joinchat/0o9JuLUXRFpiNmJk

PM for paid support

It was migrated to IDS - Policy menu.

February 01, 2021, 09:32:48 AM #2 Last Edit: February 01, 2021, 09:40:50 AM by lfirewall1243
Quote from: mnaim on January 31, 2021, 10:18:39 PM
It was migrated to IDS - Policy menu.

So it isnt possible to set a whole group for example "ET open/botcc" to drop.

I always have to choose each rule over the Rules Filter. right?
Or ist there a Button to Filter like "all CVE Rules", so that i dont have to click on each single CVE Rule
(Unoffial Community) OPNsense Telegram Group: https://t.me/joinchat/0o9JuLUXRFpiNmJk

PM for paid support

Yes it is possible. Create policy Rule set = ET open/botcc.
Action = Alert, New action = Drop

all CVE Rules - if you do not select any specific, it means all

Quote from: mnaim on February 01, 2021, 12:42:55 PM
Yes it is possible. Create policy Rule set = ET open/botcc.
Action = Alert, New action = Drop

all CVE Rules - if you do not select any specific, it means all
Found it

Thank you!!!
(Unoffial Community) OPNsense Telegram Group: https://t.me/joinchat/0o9JuLUXRFpiNmJk

PM for paid support