Project

General

Profile

Feature #9871

Snort - User Forced Disabled Rules Ordering

Added by Andy Kniveton about 1 year ago. Updated about 1 year ago.

Status:
Resolved
Priority:
Normal-package
Assignee:
-
Category:
Snort
Target version:
-
Start date:
11/01/2019
Due date:
% Done:

0%

Estimated time:

Description

Any chance of forcing the order GID then SID of the displayed rules, its a bit of a pain when your trying to audit whats disabled when comparing two interfaces.

See the attached screenshots.

Screenshot 2019-11-01 at 09.56.51.png (386 KB) Screenshot 2019-11-01 at 09.56.51.png LAN Interface User Forced Disabled Rules Andy Kniveton, 11/01/2019 05:06 AM
Screenshot 2019-11-01 at 09.57.01.png (443 KB) Screenshot 2019-11-01 at 09.57.01.png WAN Interface User Forced Disabled Rules Andy Kniveton, 11/01/2019 05:06 AM

History

#1 Updated by Bill Meeks about 1 year ago

I believe I can add sortable columns (at least for some of the columns) so the RULES tab behaves the same as the ALERTS tab. Actually thought I had configured sortable columns on the RULES tab, but just checked and they are not sortable.

Look for this in the next Snort package update.

#2 Updated by Bill Meeks about 1 year ago

I've added sortable columns to the RULES tab. You can now sort on all of the columns except State (that is an icon) and Action (also an icon, but only available in the Snort-4.0 package on pfSense-2.5 DEVEL). The new sortable columns feature will be in both the pfSense-2.4.4 RELEASE branch and in the pfSense-2.5 DEVEL branch.

The pull requests are https://github.com/pfsense/FreeBSD-ports/pull/699 (for RELEASE) and https://github.com/pfsense/FreeBSD-ports/pull/698 for DEVEL).

This ticket can be closed when these requests are merged.

#3 Updated by Bill Meeks about 1 year ago

This ticket can be closed as "RESOLVED". Column sorting is now available on the RULES tab in the DEVEL and RELEASE branch package versions (4.0_9 for the DEVEL branch and 3.2.9.10 for the RELEASE branch).

#4 Updated by Jim Pingle about 1 year ago

  • Status changed from New to Resolved

Also available in: Atom PDF