diff --git a/src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogUserDefined.xml b/src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogUserDefined.xml
index e8b25311d..4f9796658 100644
--- a/src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogUserDefined.xml
+++ b/src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogUserDefined.xml
@@ -29,6 +29,12 @@
dropdown
Set action to perform here, only used when in IPS mode.
+
+ rule.bypass
+
+ checkbox
+ Set bypass keyword. Increases traffic throughput. Suricata reads a packet, decodes it, checks it in the flow table. If the corresponding flow is local bypassed then it simply skips all streaming, detection and output and the packet goes directly out in IDS mode and to verdict in IPS mode.
+
rule.description
diff --git a/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml b/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml
index 9c5943f6b..2607b6f8f 100644
--- a/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml
@@ -1,6 +1,6 @@
//OPNsense/IDS
- 1.0.7
+ 1.0.8
OPNsense IDS
@@ -113,6 +113,10 @@
Pass
+
+ 0
+ Y
+
diff --git a/src/opnsense/service/templates/OPNsense/IDS/OPNsense.rules b/src/opnsense/service/templates/OPNsense/IDS/OPNsense.rules
index 747600000..f35d97698 100644
--- a/src/opnsense/service/templates/OPNsense/IDS/OPNsense.rules
+++ b/src/opnsense/service/templates/OPNsense/IDS/OPNsense.rules
@@ -9,7 +9,7 @@
{% for rule in helpers.toList('OPNsense.IDS.userDefinedRules.rule') %}
{% if rule.enabled|default('0') == '1' %}
{{rule.action}}{% if rule.fingerprint|default('') != ""
- %} tls {% else %} ip {% endif %} {% if rule.source|default('') != "" %} {{ rule.source }} {% else %} any {% endif %} any -> {% if rule.destination|default('') != "" %} {{ rule.destination }} {% else %} any {% endif %} any (msg:"{{rule.description.replace('"','\"')}}"; {%
+ %} tls {% else %} ip {% endif %} {% if rule.source|default('') != "" %} {{ rule.source }} {% else %} any {% endif %} any -> {% if rule.destination|default('') != "" %} {{ rule.destination }} {% else %} any {% endif %} any (msg:"{{rule.description.replace('"','\"')}}"; {% if rule.bypass|default('0') == '1' %}bypass;{% endif %}{%
if rule.fingerprint|default('') != "" %} tls.fingerprint:"{{rule.fingerprint.lower()}}";{% endif
%} sid:{{
4294967295 - loop.index