OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • Intrusion Detection and Prevention »
  • 21.7 adding custom rules to IDS doesn't seem to work
« previous next »
  • Print
Pages: [1]

Author Topic: 21.7 adding custom rules to IDS doesn't seem to work  (Read 2521 times)

nzkiwi68

  • Full Member
  • ***
  • Posts: 182
  • Karma: 20
    • View Profile
21.7 adding custom rules to IDS doesn't seem to work
« on: July 31, 2021, 01:36:10 am »
I can't get my custom IDS rules to load. I've rebooted, waited a day, etc. Perhaps when using Proofpoint ET ruleset it won't add custom rules??

Here my file "spamhausBCL.xml" and it's placed in usr/local/opnsense/scripts/suricata/metadata/rules/spamhausBCL.xml

Code: [Select]
<?xml version="1.0"?>
<ruleset>
    <location url="https://pub-api.spamhaus.org/api/snort/" prefix="spamhausBCL"/>
    <files>
        <file url="https://pub-api.spamhaus.org/api/snort/?account=xxxxxxxxxxxxxxx&key=yyyyyyyyyyyyy"
              description="Spamhaus Botnet Controller List"
              documentation_url="https://www.spamhaus.org/bcl/"
        >spamhausBCL.rules</file>   
    </files>
</ruleset>

Any ideas?
Logged

Fright

  • Hero Member
  • *****
  • Posts: 1777
  • Karma: 164
    • View Profile
Re: 21.7 adding custom rules to IDS doesn't seem to work
« Reply #1 on: August 06, 2021, 04:58:36 pm »
hi
try to escape "&" sign in xml (change & to &amp;). should work imho
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • Intrusion Detection and Prevention »
  • 21.7 adding custom rules to IDS doesn't seem to work
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2