1. Home
  2. pfSense Packages
  3. IDS/IPS
  4. Suricata offline rules update

Suricata offline rules update

  • J

    Hi, i'm in a closed network and I need to update Suricata rules. How can I update Suricata rules without an Internet connection?

    0
  • bmeeks

    Right now the code is just not set up for that.  You can try manually unzipping the files into /usr/pbi/suricata-amd64/etc/suricata/rules (assuming you have a 64-bit install – if not, then replace "amd64" with "i386").  After doing this, you would need to restart Suricata on all interfaces.

    I can add a TODO item for a future update to place an offline update option on the UPDATE tab.  I maintained air-gapped networks in my old job and understand the need for such a feature.

    Bill

    0
  • J

    thanks for your reply, I already tried that, but it didn´t work out, there are a number of configuration files that need to be updated, but I could not find  which ones and what to write

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy