{% if helpers.exists('OPNsense.IDS.general') and OPNsense.IDS.general.enabled|default("0") == "1" %}
suricata_enable="YES"

{% if OPNsense.IDS.general.ips|default("0") == "1" %}
# IPS mode, switch to netmap
suricata_netmap=YES

{% else %}

# IDS mode, pcap live mode
{% set addFlags=[] %}
{% for intfName in OPNsense.IDS.general.interfaces.split(',') %}
{%   if loop.index == 1 %}
{# enable first interface #}
suricata_interface="{{helpers.getNodeByTag('interfaces.'+intfName).if}}"
{%   else %}
{#   store additional interfaces to addFlags #}
{%      do addFlags.append(helpers.getNodeByTag('interfaces.'+intfName).if) %}
{%   endif %}
{% endfor %}
{#   append additional interfaces #}
suricata_flags="-D {%
   for intf in addFlags
%} -i {{ intf }}  {% endfor
%} "

{% endif %}

{% else %}
suricata_enable="NO"
{% endif %}

suricata_opnsense_bootup_run="/usr/local/opnsense/scripts/suricata/setup.sh"