0000609: Need method of specifying snortsam block rules

ClearFoundation Tracker - ClearOS

View Issue Details

Project

Category

View Status

Date Submitted

Last Update

0000609

ClearOS

app-intrusion-prevention - Intrusion Prevention

public

2012-05-15 04:43

2019-03-05 03:27

Reporter

NickH

Assigned To

Priority

normal

Severity

feature

Reproducibility

always

Status

closed

Resolution

won't fix

Platform

OS Version

Product Version

6.2.0 Updates

Target Version

Fixed in Version

Summary

0000609: Need method of specifying snortsam block rules

Description

As there are no snort rules with fwsam elements provided in 6.2 it effectively makes snortsam redudant unless a way is provided to manually enter the blocking rules. I believe the IPS screen should be changed to allow you to enter text into sid-block.map. You should be able to enter a rule number which then appears on screen so you can determine whether you want to block the source or destination. You then need to be able to specify src or dst and the blocking period.

Steps To Reproduce

Additional Information

Tags

No tags attached.

Relationships

related to	0000203	closed		Allow end user the ability to override which rules should be whitelisted
related to	0000611	closed	user2	Apply intrusion protection rules for GPL rule set

Attached Files

Issue History

Date Modified

Username

Field

Change

2012-05-15 04:43

NickH

New Issue

2012-05-15 08:00

user2

Relationship added

related to 0000203

2012-05-15 08:01

user2

Relationship added

related to 0000611

2012-05-15 08:25

user2

Note Added: 0000510

2012-05-15 08:25

user2

Status

new => confirmed

2019-03-05 03:27

NickH

Note Added: 0010381

2019-03-05 03:27

NickH

Status

confirmed => closed

2019-03-05 03:27

NickH

Resolution

open => won't fix

Notes