Snort rules within categories grayed out



  • Hello everyone.

    There is something I noticed about the rules within the categories in Snort. In some of the categories there are a lot of rules that do not appear active. The X's are grayed out. When I try to enable them manually they stay grayed out and still appear inactive.  ???
    I have tried to activate them with and without the emerging rules installed, Snort running and not running.
    I am a VRT rule subscriber so I assume I should get all the new rules in working order.
    Snort seems to be blocking, not sure about the grayed out rules though.

    I have searched the forum and didn’t find anyone else with the same question/ problem.

    Any assistance or information would be greatly appreciated.

    Snort Version 2.9.1 Latest Release
    PfSense 2.0.1 i386



  • The main problem with it is even if does get enabled & disabled as you tune the pfsense instance as soon as the next update happens it overwrites it. I have mentioned this before if someone was able to change it so that when you enable/disable it the change is made in the pulledpork/oinkmaster configuration file to remember it.

    Your only other option is to use pulledpork on another machine to pull the rules down and tune them and then copy them over to your pfsense box and disable auto-updates on the box itself.

    Regards,
    Kevin


Log in to reply