there is a way to simply add my oinkcode and use a vrt paid subscription?
Something like pfsense or other firewall distro.
Or the possibility to choose from ET ruleset or vrt ruleset.
Hi please describe whole scenario in more details 
in the ips tab i could choose from 4 polices…(from the free VRT ruleset?)
it would be great to have the possibility to chose wich ruleset to use (VRT or Emerging Threats Open) and if you own a subscription code, insert it and use the paid ruleset. (like the link in my first post)
Have you Oinknumber ? It is simple to deploy with custom template.
I can help you with.
i have a vrt paid subscription but i’m using it with my pfsense firewall…i’m asking for it because this could be a great function for who want to use NS as UTM firewall (not my case )
OT: i’m also intered in custom template…There is documentation on it?
-
mkdir -p /etc/e-smith/templates-custom/etc/snort/pulledpork.conf -
cp /etc/e-smith/templates/etc/snort/pulledpork.conf/10rules /etc/e-smith/templates-custom/etc/snort/pulledpork.conf/10rules -
Edit
vi /etc/e-smith/templates-custom/etc/snort/pulledpork.conf/10rules
Oinknumber
rule_url=https://www.snort.org/reg-rules/|snortrules-snapshot.tar.gz|<oinkcode>
ETpro
rule_url=https://rules.emergingthreatspro.com/|etpro.rules.tar.gz|<et oinkcode>
-
Run the following commands below:
signal-event nethserver-pulledpork-save signal-event nethserver-snort-save signal-event firewall-adjust
2 Likes
I think we could at least offer a db prop to set the oinkcode. Probably a new field in snort web ui.
1 Like
very interesting…thank you!
is planned to be added also to the webgui?
