rc.conf.d 956 Bytes
Newer Older
1 2
{# Macro import #}
{% from 'OPNsense/Macros/interface.macro' import physical_interface %}
3
{% if helpers.exists('OPNsense.IDS.general') and OPNsense.IDS.general.enabled|default("0") == "1" %}
4
suricata_enable="YES"
5 6 7

{% if OPNsense.IDS.general.ips|default("0") == "1" %}
# IPS mode, switch to netmap
8
suricata_netmap=YES
9 10 11 12 13

{% else %}

# IDS mode, pcap live mode
{% set addFlags=[] %}
14 15 16
{% for intfName in OPNsense.IDS.general.interfaces.split(',') %}
{%   if loop.index == 1 %}
{# enable first interface #}
17
suricata_interface="{{ physical_interface(intfName) }}"
18 19
{%   else %}
{#   store additional interfaces to addFlags #}
20
{%      do addFlags.append(physical_interface(intfName)) %}
21 22 23
{%   endif %}
{% endfor %}
{#   append additional interfaces #}
24
suricata_flags="-D {%
25
   for intf in addFlags
26
%} -i {{ intf }}  {% endfor
27
%} "
28 29 30

{% endif %}

31 32 33
{% else %}
suricata_enable="NO"
{% endif %}
34 35

suricata_opnsense_bootup_run="/usr/local/opnsense/scripts/suricata/setup.sh"