3. Snort - Snort Interfaces > WAN Rules > Categories are blank

Snort - Snort Interfaces > WAN Rules > Categories are blank

  • F

    Hey all, just started using the snort package and noticed there are… no rules. If I look at the interfaces, I see it's running, and enabled for the interface, but there's no rules defined:
    https://www.dropbox.com/s/w5aqsa63w1q6ozi/snortinterfaces.JPG

    So then I edit the interface, click on WAN Rules… aaand there's nothing.
    There's a Category: custom_rules, but there's nothing else to choose from... is there presets by default? From some cursory looks it seems others have options to select from for categories and such. But... where am I going wrong here?
    https://www.dropbox.com/s/awnrz8627vz2hqp/customrules.JPG

    0

  • @felesaerius:

    Hey all, just started using the snort package and noticed there are… no rules. If I look at the interfaces, I see it's running, and enabled for the interface, but there's no rules defined:
    https://www.dropbox.com/s/w5aqsa63w1q6ozi/snortinterfaces.JPG

    So then I edit the interface, click on WAN Rules… aaand there's nothing.
    There's a Category: custom_rules, but there's nothing else to choose from... is there presets by default? From some cursory looks it seems others have options to select from for categories and such. But... where am I going wrong here?
    https://www.dropbox.com/s/awnrz8627vz2hqp/customrules.JPG

    Follow the setup instructions in this sticky thread posted at the top of the Packages forum:  http://forum.pfsense.org/index.php/topic,61018.0.html

    From your description, it sounds like you have not gone to the Global Settings tab and enabled any rule sets for download (Snort VRT, Emerging Threats and/or Snort GPLv2 Community Rules).  If you have not done so yet, read all the posts in the thread I linked.  That should get you going.  If not, post back and the team here can assist.

    One note about the linked post:  it refers to the "green icon" when starting the Snort interfaces.  That was the old icon.  In the current Snort package, the icon for the interface will be a red X when Snort is not running, and a green arrow point when Snort is running.  Unfortunately I am unable to edit that old post to correct the misinformation. :(

    Bill

    0
  • F

    Got it, thank you!

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy