setup: Drop /etc/environment
[ipfire-3.x.git] / suricata / suricata.conf
index d1d5a257947270e224c1cdc2ceb753106c9ac780..3fc11c70449ae780a4e637f568d8ace2fd8fc4a5 100644 (file)
@@ -39,24 +39,21 @@ outputs:
       enabled: no
       filename: unified.log
 
-      # Limit in MB.
-      #limit: 32
+      #limit: 32mb
 
   # alert output for use with Barnyard
   - unified-alert:
       enabled: no
       filename: unified.alert
 
-      # Limit in MB.
-      #limit: 32
+      #limit: 32mb
 
   # alert output for use with Barnyard2
   - unified2-alert:
       enabled: no
       filename: unified2.alert
 
-      # Limit in MB.
-      #limit: 32
+      #limit: 32mb
 
   # a line based log of HTTP requests (no alerts)
   - http-log:
@@ -255,6 +252,7 @@ flow-timeouts:
 stream:
   memcap: 33554432
   checksum_validation: yes
+  inline: yes
   reassembly:
     memcap: 67108864
     depth: 1048576
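Review bot: The added `inline: yes` under `stream:` has no comment saying why it is set or that it belongs with the `nfq:` section added further down in this commit. A one-line comment above it would help the next maintainer, for example `# IPS mode: stream data is inspected before packets are forwarded; goes with the nfq section below`. It is also worth confirming that the unchanged `memcap: 33554432` and reassembly `depth: 1048576` still suit inline operation, since the hunk does not show what happens to traffic once those limits are reached. The `stream:` block continues past the end of the hunk.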
@@ -295,6 +293,15 @@ logging:
       enabled: no
       facility: local5
       format: "[%i] <%d> -- "
+  - drop:
+      enabled: yes
+      filename: drop.log
+      append: yes
+
+nfq:
+      mode: repeat
+      repeat_mark: 1
+      repeat_mask: 1
 
 # PF_RING configuration. for use with native PF_RING support
 # for more info see http://www.ntop.org/PF_RING.html
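Review bot: The new `- drop:` entry is appended right after the syslog entry under `logging:` (per the hunk header), which looks like the engine's own logging outputs list rather than the top-level `outputs:` list that holds the unified and http-log outputs. If that reading is right, `drop.log` will probably never be written and packets dropped in inline mode leave no record, so consider moving those four lines into `outputs:`. In the `nfq:` block, upstream Suricata spells the keys `repeat-mark` and `repeat-mask`; with `repeat_mark`/`repeat_mask` the values may be ignored, and in `mode: repeat` an unset mark would leave re-injected packets indistinguishable to the firewall rules, so check this against the packaged version. The parent key of the list is outside the hunk, so the placement is inferred from the context lines.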