From 9b82093ed2d9d6a67b08b4ef3c1afbd7664b930f Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Sun, 25 Feb 2024 13:45:39 +0100
Subject: [PATCH] Services: Intrusion Detection: Administration - set
 app-layer.error-policy to it's advertised default. closes
 https://github.com/opnsense/core/pull/7271 and
 https://github.com/opnsense/core/issues/7276

---
 src/opnsense/service/templates/OPNsense/IDS/suricata.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml b/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml
index 906edf60d..117b2e128 100644
--- a/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml
+++ b/src/opnsense/service/templates/OPNsense/IDS/suricata.yaml
@@ -735,6 +735,7 @@ pcap-file:
 # "yes" enables both detection and the parser, "no" disables both, and
 # "detection-only" enables protocol detection only (parser disabled).
 app-layer:
+  error-policy: ignore
   protocols:
     krb5:
       enabled: yes