Suricata - customize vars.address-groups

Started by keeka, October 02, 2025, 10:01:18 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 02, 2025, 10:01:18 PM
If I wish to change say, vars.address-groups.SMTP_SERVERS, what syntax to use in /usr/local/opnsense/service/templates/OPNsense/IDS/custom.yaml without having to re-declare the entire vars.address-groups?
Many thanks.
Today at 09:02:24 AM #1
Seems this is not possible without modifying suricata.yaml or the jinja template, to have a nested include in vars.address-groups.
Yaml config does not support overlays. I want to avoid modifying package files :-(
Print
Go Up Pages1
User actions