(ids) add template for user defined rules

(cherry picked from commit 32c774fb)

(ids) add template for user defined rules
(cherry picked from commit 32c774fb)
fc110d02 · Ad Schellevis · Franco Fichtner · 6ba4d79d · fc110d02 · fc110d02
Commit fc110d02 authored Feb 02, 2016 by Ad Schellevis Committed by Franco Fichtner Feb 05, 2016
Show whitespace changes
Inline Side-by-side

Showing with 13 additions and 0 deletions

+TARGETS src/opnsense/service/templates/OPNsense/IDS/+TARGETS +1 -0

OPNsense.rules src/opnsense/service/templates/OPNsense/IDS/OPNsense.rules +12 -0

No files found.
--- a/src/opnsense/service/templates/OPNsense/IDS/+TARGETS
+++ b/src/opnsense/service/templates/OPNsense/IDS/+TARGETS
@@ -5,3 +5,4 @@ newsyslog.conf:/etc/newsyslog.conf.d/suricata
 rule-updater.config:/usr/local/etc/suricata/rule-updater.config
 classification.config:/usr/local/etc/suricata/classification.config
 reference.config:/usr/local/etc/suricata/reference.config
+OPNsense.rules:/usr/local/etc/suricata/rules/OPNsense.rules
--- a/src/opnsense/service/templates/OPNsense/IDS/OPNsense.rules
+++ b/src/opnsense/service/templates/OPNsense/IDS/OPNsense.rules
+# AUTO GENERATED, DO NOT EDIT.
+#
+# OPNsense.rules
+# User defined rules
+#
+# -- SSL fingerprint rules
+{% if helpers.exists('OPNsense.IDS.rules.fingerprint') %}
+{%      for rule in helpers.toList('OPNsense.IDS.rules.fingerprint') %}
+{{rule.action}}  tls any any -> any any (msg:"{{rule.description.replace('"','\"')}}"; tls.fingerprint:"{{rule.fingerprint.lower()}}"; sid:{{4294967295 - loop.index}}; rev:1;)
+{%      endfor %}
+{% endif %}