Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Switch from ETPro to ETOpen rules

    Scheduled Pinned Locked Moved IDS/IPS
    4 Posts 2 Posters 489 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      btspce
      last edited by

      What happens to the suricata portion of the pfsense config in this case?
      Will it clean out the configuration changes to ETPro rules and categories from the config?
      Will the current configuration changes to the default rules and categories be left intact?

      Anything else we should be aware of?

      bmeeksB 1 Reply Last reply Reply Quote 0
      • bmeeksB
        bmeeks @btspce
        last edited by

        @btspce said in Switch from ETPro to ETOpen rules:

        What happens to the suricata portion of the pfsense config in this case?
        Will it clean out the configuration changes to ETPro rules and categories from the config?
        Will the current configuration changes to the default rules and categories be left intact?

        Anything else we should be aware of?

        Nothing happens. The configuration of the ET-Open rules remains unchanged. You can run both sets of rules if you desire (but not sure why anyone would). Internally the files are renamed with prefixes as they are unpacked from the rules GZIP archive.

        If you enable ET-Pro rules, I recommend disabling the ET-Open rules to conserve resources.

        B 1 Reply Last reply Reply Quote 0
        • B
          btspce @bmeeks
          last edited by

          @bmeeks said in Switch from ETPro to ETOpen rules:

          The configuration of the ET-Open rules remains unchanged.

          I'm going the other way from ETPro to ETOpen in this case and will be disabling the ETPro rules when the subscription expires. Just wanted to make sure that the default rules on all interfaces is not reset to default. Thanks!

          bmeeksB 1 Reply Last reply Reply Quote 0
          • bmeeksB
            bmeeks @btspce
            last edited by

            @btspce said in Switch from ETPro to ETOpen rules:

            I'm going the other way from ETPro to ETOpen in this case

            Yeah, sorry about that 😊. It says that right in the title and I still missed it.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.