OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 21.1 Legacy Series »
  • Can't change IDS Rules to drop
« previous next »
  • Print
Pages: [1]

Author Topic: Can't change IDS Rules to drop  (Read 1869 times)

lfirewall1243

  • Hero Member
  • *****
  • Posts: 1358
  • Karma: 45
    • View Profile
Can't change IDS Rules to drop
« on: January 31, 2021, 05:53:40 pm »
After the Upgrade I can't enable the IDS Rules for blocking
Before I could change it unter IDS->Download

But now there isn't a button to "enable drop" for the market rules
« Last Edit: February 01, 2021, 09:40:43 am by lfirewall1243 »
Logged
OPNsense Telegram Group: https://t.me/joinchat/0o9JuLUXRFpiNmJk

PM for paid support

mnaim

  • Jr. Member
  • **
  • Posts: 50
  • Karma: 4
    • View Profile
Re: Can't change IDS Rules to drop
« Reply #1 on: January 31, 2021, 10:18:39 pm »
It was migrated to IDS - Policy menu.
Logged

lfirewall1243

  • Hero Member
  • *****
  • Posts: 1358
  • Karma: 45
    • View Profile
Re: Can't change IDS Rules to drop
« Reply #2 on: February 01, 2021, 09:32:48 am »
Quote from: mnaim on January 31, 2021, 10:18:39 pm
It was migrated to IDS - Policy menu.

So it isnt possible to set a whole group for example "ET open/botcc" to drop.

I always have to choose each rule over the Rules Filter. right?
Or ist there a Button to Filter like "all CVE Rules", so that i dont have to click on each single CVE Rule
« Last Edit: February 01, 2021, 09:40:50 am by lfirewall1243 »
Logged
OPNsense Telegram Group: https://t.me/joinchat/0o9JuLUXRFpiNmJk

PM for paid support

mnaim

  • Jr. Member
  • **
  • Posts: 50
  • Karma: 4
    • View Profile
Re: Can't change IDS Rules to drop
« Reply #3 on: February 01, 2021, 12:42:55 pm »
Yes it is possible. Create policy Rule set = ET open/botcc.
Action = Alert, New action = Drop

all CVE Rules - if you do not select any specific, it means all
Logged

lfirewall1243

  • Hero Member
  • *****
  • Posts: 1358
  • Karma: 45
    • View Profile
Re: Can't change IDS Rules to drop
« Reply #4 on: February 01, 2021, 12:48:15 pm »
Quote from: mnaim on February 01, 2021, 12:42:55 pm
Yes it is possible. Create policy Rule set = ET open/botcc.
Action = Alert, New action = Drop

all CVE Rules - if you do not select any specific, it means all
Found it

Thank you!!!
Logged
OPNsense Telegram Group: https://t.me/joinchat/0o9JuLUXRFpiNmJk

PM for paid support

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 21.1 Legacy Series »
  • Can't change IDS Rules to drop
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2