I am running 200 release.
As soon as I configure new providers, rules are downloaded BUT
/var/ipfire/suricata/suricata-used-rulesfiles.yaml
does not include any file names.
I can add them by hand and everything is working BUT if I reload the rules, the file is cleaned and no rule file is listed anymore.
Hallo @ehorlait
Welcome to the IPFire community.
After you selected the rule provider did you then press the Customize ruleset button and select some of the rules from the provider.
If not then you have a provider selected but no rules from that provider selected.
https://www.ipfire.org/docs/configuration/firewall/ips#rulesets
4 Likes
Thanks a lot for that!
Is there a way for activating all rules “in one click”
You should not enable all rules.
Depending on the ruleset(s) that you have chosen, there is a lot of different stuff in it. Whether you are running servers on your local network, or you only have clients, you want to select different rules.
The link that @bonnietwin has linked will explain this and you should study it closely.
4 Likes