diff --git a/src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogUserDefined.xml b/src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogUserDefined.xml
index b28db8f06..1cb0f2a25 100644
--- a/src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogUserDefined.xml
+++ b/src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/dialogUserDefined.xml
@@ -7,10 +7,23 @@
rule.fingerprint
-
+
textthe SSL fingerprint, for example B5:E1:B3:70:5E:7C:FF:EB:92:C4:29:E5:5B:AC:2F:AE:70:17:E9:9E
+
+ rule.country
+
+ select_multiple
+
+ Countries to alert or block using GeoIP
+
+
+ rule.geoip_direction
+
+ dropdown
+ Connections coming from (src) or going to (dst) listed countries, default (none) selects both
+ rule.action
diff --git a/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml b/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml
index c201d9974..9e3ef1695 100644
--- a/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/IDS/IDS.xml
@@ -36,6 +36,19 @@
/^([0-9a-fA-F:]){59,59}$/uA SSL fingerprint should be a 59 character long hex value
+
+ N
+ Y
+ Y
+
+
+ N
+ both
+
+ source
+ destination
+
+ Y/^([\t\n\v\f\r 0-9a-zA-Z.\-,_\x{00A0}-\x{FFFF}]){1,255}$/u