Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 3 subscribers
  • Views 1090 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[Feature Request]Custom IDS Rules

wingman
Is there a plan in the near future to allow custom IDS rules?I found the relevant kb but i can't find it on the GUI (seems to be only for v4,5,6)


This thread was automatically locked due to age.
Parents
  • 0
    They did go away when v7 came out.

    If you're familiar with Snort, it might be possible to add a 'local.rules' file to 
    /var/sec/chroot-snort/etc/snort/rules/

    If you need to modify the snort config file, also edit snort.conf-default; Astaro will normally copy the changes from that file when changes are made in webmin.

    (Modifying Astaro via command line may void your support. Backup your configuration first.)

    Barry
  • 0 in reply to BarryG
    Thx for the quick reply.

    I am a home user [:)] It seems that I can edit the astaro.rules and add my own snort rules. Do you know if those rules will remain after an update is performed?
  • 0 in reply to wingman
    The local.rules file should remain, unless Astaro decides they want to have their own local.rules file.

    The snort.conf and snort.conf-default WILL get overwritten when Astaro pushes a new Snort, and possibly even by pattern up2dates.

    (keep a backup of your file changes)

    Barry
Reply
  • 0 in reply to wingman
    The local.rules file should remain, unless Astaro decides they want to have their own local.rules file.

    The snort.conf and snort.conf-default WILL get overwritten when Astaro pushes a new Snort, and possibly even by pattern up2dates.

    (keep a backup of your file changes)

    Barry
Children