Suricata rules Managment

jclendineng · July 05, 2018, 12:38:07 AM

First off new user from pfsense, this is absolutely awesome. Like it way better. Question: Are there plans to implement any form of rules management for suricata? Suppression, rules whitelist, etc. I can manually edit specific rules but when you have hundreds if not thousands of rules, it can become a bit time consuming :D

franco · July 05, 2018, 08:36:27 AM

This is happening at the moment, a purpose-built fork: https://github.com/OPNids

Hopefully they will help in adding more of these features you talk about and push them back to OPNsense.

As I'm not involved I can't possibly say more.

Cheers,
Franco

mimugmail · July 05, 2018, 09:14:30 AM

How old/young/new is this project?

franco · July 05, 2018, 09:15:38 AM

very early stage

Cheers,
Franco

l0rdraiden · January 13, 2019, 10:23:18 PM

Quote from: franco on July 05, 2018, 09:15:38 AM
very early stage

Cheers,
Franco

What are the plans to integrate this into opensense?
It will be as a pluging or it will be part of the core?

franco · January 14, 2019, 10:35:44 AM

https://twitter.com/OPNids/status/1075110790775169024

Best to be asked to the people who work on the project. :)

Cheers,
Franco

Suricata rules Managment

jclendineng

July 05, 2018, 12:38:07 AM

franco

July 05, 2018, 08:36:27 AM #1

mimugmail

July 05, 2018, 09:14:30 AM #2

franco

July 05, 2018, 09:15:38 AM #3

l0rdraiden

January 13, 2019, 10:23:18 PM #4

franco

January 14, 2019, 10:35:44 AM #5