intrusion detection: further reworked suricata rc script

2026-03-13 16:14:40 +00:00 · 2017-06-10 20:38:49 +02:00 · 2017-06-10 20:38:49 +02:00 · da313a94d9
commit da313a94d9
parent ca10d0a2f9
1 changed files with 7 additions and 21 deletions
--- a/src/opnsense/service/templates/OPNsense/IDS/rc.conf.d
+++ b/src/opnsense/service/templates/OPNsense/IDS/rc.conf.d
@ -1,34 +1,20 @@
 {# Macro import #}
 {% from 'OPNsense/Macros/interface.macro' import physical_interface %}
 {% if helpers.exists('OPNsense.IDS.general') and OPNsense.IDS.general.enabled|default("0") == "1" %}
-suricata_enable="YES"
 suricata_opnsense_bootup_run="/usr/local/opnsense/scripts/suricata/setup.sh"
-
+suricata_enable="YES"
 {% if OPNsense.IDS.general.ips|default("0") == "1" %}
 # IPS mode, switch to netmap
-suricata_netmap=YES
-
+suricata_netmap="YES"
 {% else %}
-
 # IDS mode, pcap live mode
 {% set addFlags=[] %}
-{% for intfName in OPNsense.IDS.general.interfaces.split(',') %}
-{%   if loop.index == 1 %}
-{# enable first interface #}
-suricata_interface="{{ physical_interface(intfName) }}"
-{%   else %}
-{#   store additional interfaces to addFlags #}
-{%      do addFlags.append(physical_interface(intfName)) %}
-{%   endif %}
-{% endfor %}
-{#   append additional interfaces #}
-suricata_flags="-D {%
-   for intf in addFlags
-%} --pcap={{ intf }}  {% endfor
-%} "
-
+{%   for intfName in OPNsense.IDS.general.interfaces.split(',') %}
+{#     store additional interfaces to addFlags #}
+{%     do addFlags.append(physical_interface(intfName)) %}
+{%   endfor %}
+suricata_interface="{% addFlags|join(' ') %}"
 {% endif %}
-
 {% else %}
 suricata_enable="NO"
 {% endif %}