From a00e646ca2899a078db6c332a582ecfeffa54e16 Mon Sep 17 00:00:00 2001
From: Ad Schellevis <ad@opnsense.org>
Date: Fri, 5 Oct 2018 16:16:00 +0200
Subject: [PATCH] IDS, replace tls.fingerprint with tls_fingerprint for better
 performance in custom rules

---
 src/opnsense/service/templates/OPNsense/IDS/OPNsense.rules | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/opnsense/service/templates/OPNsense/IDS/OPNsense.rules b/src/opnsense/service/templates/OPNsense/IDS/OPNsense.rules
index 906469e4c..1875c1dde 100644
--- a/src/opnsense/service/templates/OPNsense/IDS/OPNsense.rules
+++ b/src/opnsense/service/templates/OPNsense/IDS/OPNsense.rules
@@ -10,7 +10,7 @@
 {%          if rule.enabled|default('0') == '1' %}
 {{rule.action}}{% if rule.fingerprint|default('') != ""
       %} tls {% else %} ip {% endif %} {% if rule.source|default('') != "" %} {{ rule.source }} {% else %} any {% endif %} any -> {% if rule.destination|default('') != "" %} {{ rule.destination }} {% else %} any {% endif %} any (msg:"{{rule.description.replace('"','\"')}}"; {%
-      if rule.fingerprint|default('') != "" %} tls.fingerprint:"{{rule.fingerprint.lower()}}";{% endif
+      if rule.fingerprint|default('') != "" %} tls_fingerprint:"{{rule.fingerprint.lower()}}";{% endif
       %}{%
       if rule.geoip|default('') != ""%} geoip:{% if rule.geoip_direction|default('') != '' %}{{rule.geoip_direction}},{% endif %}{{rule.geoip}} ;{% endif
       %} sid:{{