Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

security/pfSense-pkg-suricata: Add section for change all actions of rules #1369

Open
wants to merge 2 commits into
base: devel
Choose a base branch
from

Conversation

julioliraup
Copy link

For environments with more than 1k rules, greater agility is required to change rule actions

@marcos-ng marcos-ng changed the title Add section for change all actions of rules security/pfSense-pkg-suricata: Add section for change all actions of rules Oct 21, 2024
@bmeeks8
Copy link
Contributor

bmeeks8 commented Nov 21, 2024

I do not favor the approach taken in this code. The change is made to the master rules list instead of being made on a "per Suricata interface" basis. All other actions involving rules in the Suricata package are limited to the selected interface. The way this pull request is written, the rule actions will change for all Suricata interfaces. That is likely not always desirable. Rule actions should be modified on a per-interface basis.

Please refactor the logic in this request such that rule actions are only modified for the selected Suricata interface (in other words, the interface currently selected for EDIT in the Suricata package GUI).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants