I am using pfsense system and installed suricata. I added a file to /usr/local/share/suricata/rules/ , but the rule added to that file is not applied to the suricata interface I created unless I click “Apply” on the web
Is there a way I can apply rules to be added to this file automatically or by command without using the web?
Questions about Suricata used on pfSense should be addressed to the pfSense IPS/IDS forum here: IDS/IPS | Netgate Forum. Suricata is packaged as a custom installation with a GUI wrapper for pfSense by the Netgate team. There is no support for that customized package here.
The directory you are updating is NOT where the rules used by a configured Suricata interface on pfSense reside. That directory is simply the “master list” of available rules used to build the individual rules file for an interface. Each configured interface of Suricata on pfSense has its own unique configuration subdirectory containing the suricata.yaml file and the rules assigned for that particular interface instance.