From: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Wed, 8 Apr 2020 15:48:20 +0000 (+0000)
Subject: suricata: disable dns flood protection
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=551bc489408c1efc0d0899ead3894c3d04a0f300;p=people%2Fms%2Fipfire-2.x.git

suricata: disable dns flood protection

this causes errors in unbound and also other linux clients if
a dns rule triggers.

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
---

diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index 1f33ea0f34..43f10c89d9 100644
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -435,7 +435,7 @@ app-layer:
 
       # How many unreplied DNS requests are considered a flood.
       # If the limit is reached, app-layer-event:dns.flooded; will match.
-      request-flood: 2048
+      #request-flood: 512
 
       tcp:
         enabled: yes