diff --git a/src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/generalSettings.xml b/src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/generalSettings.xml
index c68a906ba..7692d7af3 100644
--- a/src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/generalSettings.xml
+++ b/src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/generalSettings.xml
@@ -13,12 +13,19 @@
before enabling, please disable all hardware offloading first.
in advanced network
]]>
+
+ ids.general.promisc
+
+ checkbox
+
+
ids.general.interfaces
select_multiple
-
+
Type or select interface.
diff --git a/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml b/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml
index 1dcd7000b..d6e070cb9 100644
--- a/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml
@@ -92,10 +92,15 @@
0
Y
+
+ 0
+ Y
+
Y
wan
Y
+ Y
/^(?!0).*$/
diff --git a/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml b/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml
index d0f96e1d5..870f71b36 100644
--- a/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml
+++ b/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml
@@ -313,7 +313,7 @@ netmap:
- interface: default
threads: auto
copy-mode: ips
- disable-promisc: yes
+ disable-promisc: {% if OPNsense.IDS.general.promisc|default('0') == '0' %}yes{% else %}no{% endif %} # promiscuous mode
checksum-checks: auto
{% if helpers.exists('OPNsense.IDS.general.interfaces') %}
@@ -745,6 +745,7 @@ logging:
pcap:
- interface: default
+ promisc: {% if OPNsense.IDS.general.promisc|default('0') == '1' %}yes{% else %}no{% endif %} # promiscuous mode
pcap-file:
# Possible values are: