]> git.ipfire.org Git - people/stevee/ipfire-2.x.git/commitdiff
projects / people / stevee / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d4d0a8e)
suricata: Include all default rules
authorMichael Tremer <michael.tremer@ipfire.org>
Fri, 19 Nov 2021 17:44:52 +0000 (17:44 +0000)
committerStefan Schantl <stefan.schantl@ipfire.org>
Fri, 3 Dec 2021 11:37:29 +0000 (12:37 +0100)
These rules do not drop anything, but only alert when internal parts of
the engine trigger an event. This will allow us more insight on what is
happening.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
config/rootfiles/common/suricata patch | blob | blame | history
config/suricata/suricata.yaml patch | blob | blame | history

diff --git a/config/rootfiles/common/suricata b/config/rootfiles/common/suricata
index ff31ec7d231ef83783b8564f125979b1ad265112..0952c9aa47907e6b761ee7c490b99fdfe09e529e 100644 (file)
--- a/config/rootfiles/common/suricata
+++ b/config/rootfiles/common/suricata
@@ -17,9 +17,10 @@ usr/bin/suricata
 #usr/share/man/man1/suricatactl-filestore.1
 #usr/share/man/man1/suricatactl.1
 #usr/share/man/man1/suricatasc.1
-usr/share/suricata
+usr/share/suricata/
 #usr/share/suricata/classification.config
 #usr/share/suricata/reference.config
+#usr/share/suricata/threshold.config
 #usr/share/suricata/rules
 #usr/share/suricata/rules/app-layer-events.rules
 #usr/share/suricata/rules/decoder-events.rules
@@ -27,10 +28,12 @@ usr/share/suricata
 #usr/share/suricata/rules/dnp3-events.rules
 #usr/share/suricata/rules/dns-events.rules
 #usr/share/suricata/rules/files.rules
+#usr/share/suricata/rules/http2-events.rules
 #usr/share/suricata/rules/http-events.rules
 #usr/share/suricata/rules/ipsec-events.rules
 #usr/share/suricata/rules/kerberos-events.rules
 #usr/share/suricata/rules/modbus-events.rules
+#usr/share/suricata/rules/mqtt-events.rules
 #usr/share/suricata/rules/nfs-events.rules
 #usr/share/suricata/rules/ntp-events.rules
 #usr/share/suricata/rules/smb-events.rules
@@ -38,9 +41,6 @@ usr/share/suricata
 #usr/share/suricata/rules/stream-events.rules
 #usr/share/suricata/rules/tls-events.rules
 var/lib/suricata
-var/lib/suricata/classification.config
-var/lib/suricata/reference.config
-var/lib/suricata/threshold.config
 var/log/suricata
 #var/log/suricata/certs
 #var/log/suricata/files
diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index 956647ac14a431016b2b4426fd289bc20c7acbd6..56550b6fcbdb5032880e036d7c10f3a72086a247 100644 (file)
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -46,7 +46,6 @@ vars:
 ##
 default-rule-path: /var/lib/suricata
 rule-files:
-<<<<<<< HEAD
     # Default rules
     - /usr/share/suricata/rules/app-layer-events.rules
     - /usr/share/suricata/rules/decoder-events.rules
Stefan's tree of IPFire 2.x.