From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Tue, 5 Nov 2019 09:32:02 +0000 (+0100)
Subject: suricata: Use DNS_SERVERS declaration from external file.
X-Git-Tag: v2.23-core139~3^2~67
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=961a27b5e2285da9953abf00b265fbb37e744c4a;p=ipfire-2.x.git

suricata: Use DNS_SERVERS declaration from external file.

These settings now will be read from
/var/ipfire/suricata/suricata-dns-servers.yaml, which will be
generated by the generate_dns_servers_file() function, located in
ids-functions.pl and called by various scripts.

Fixes #12166.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
---

diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index e921781cf7..af9cb75a97 100644
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -11,12 +11,14 @@ vars:
     # Include HOME_NET declaration from external file.
     include: /var/ipfire/suricata/suricata-homenet.yaml
 
+    # Include DNS_SERVERS declaration from external file.
+    include: /var/ipfire/suricata/suricata-dns-servers.yaml
+
     EXTERNAL_NET: "any"
 
     HTTP_SERVERS: "$HOME_NET"
     SMTP_SERVERS: "$HOME_NET"
     SQL_SERVERS: "$HOME_NET"
-    DNS_SERVERS: "$HOME_NET"
     TELNET_SERVERS: "$HOME_NET"
     AIM_SERVERS: "$EXTERNAL_NET"
     DC_SERVERS: "$HOME_NET"