Go to your pfSense dashboard.
Click “Services/Snort”, as seen above.
Click “Global Settings”, as seen above.
Check the box for “Enable Snort GPLv2”, then scroll to the bottom and click “Save”.
Click on “Snort Interfaces”, as shown above.
We need to add the LAN interface so it can be monitored. Click “Add”, as shown above.
Keep all the defaults and click “Save”.
Click “LAN Categories”, as shown above.
Check the box to enable “Snort GPLv2 Community Rules (Talos Certified)”, as shown above, and click “Save”.
Click on “Snort Interfaces”, as shown above.
Click the “play” icon to get Snort running on the LAN interface.