Chose ips ruleset

there is a way to simply add my oinkcode and use a vrt paid subscription?

Something like pfsense or other firewall distro.

Or the possibility to choose from ET ruleset or vrt ruleset.

Hi please describe whole scenario in more details :wink:

in the ips tab i could choose from 4 polices…(from the free VRT ruleset?)

it would be great to have the possibility to chose wich ruleset to use (VRT or Emerging Threats Open) and if you own a subscription code, insert it and use the paid ruleset. (like the link in my first post)

Have you Oinknumber ? It is simple to deploy with custom template.
I can help you with.

i have a vrt paid subscription but i’m using it with my pfsense firewall…i’m asking for it because this could be a great function for who want to use NS as UTM firewall (not my case :wink: )

OT: i’m also intered in custom template…There is documentation on it?

  1. mkdir -p /etc/e-smith/templates-custom/etc/snort/pulledpork.conf

  2. cp /etc/e-smith/templates/etc/snort/pulledpork.conf/10rules /etc/e-smith/templates-custom/etc/snort/pulledpork.conf/10rules

  3. Edit vi /etc/e-smith/templates-custom/etc/snort/pulledpork.conf/10rules




rule_url=|etpro.rules.tar.gz|<et oinkcode>
  1. Run the following commands below:

       signal-event nethserver-pulledpork-save
       signal-event nethserver-snort-save
       signal-event firewall-adjust

I think we could at least offer a db prop to set the oinkcode. Probably a new field in snort web ui.

1 Like

very interesting…thank you!

is planned to be added also to the webgui?

How can we design correctly the webgui for this? Any suggestions? @jackyes @Nas @filippo_carletti

This is the pfsense way…(suricata package).