From: Michael Tremer Date: Fri, 19 Nov 2021 17:44:52 +0000 (+0000) Subject: suricata: Include all default rules X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b4f1f321e382da38bcd0c00f4d377c4ea0a1ba83;p=people%2Fstevee%2Fipfire-2.x.git suricata: Include all default rules These rules do not drop anything, but only alert when internal parts of the engine trigger an event. This will allow us more insight on what is happening. Signed-off-by: Michael Tremer
---
diff --git a/config/rootfiles/common/suricata b/config/rootfiles/common/suricata
index ff31ec7d23..0952c9aa47 100644
--- a/config/rootfiles/common/suricata
+++ b/config/rootfiles/common/suricata
@@ -17,9 +17,10 @@ usr/bin/suricata
 #usr/share/man/man1/suricatactl-filestore.1
 #usr/share/man/man1/suricatactl.1
 #usr/share/man/man1/suricatasc.1
-usr/share/suricata
+usr/share/suricata/
 #usr/share/suricata/classification.config
 #usr/share/suricata/reference.config
+#usr/share/suricata/threshold.config
 #usr/share/suricata/rules
 #usr/share/suricata/rules/app-layer-events.rules
 #usr/share/suricata/rules/decoder-events.rules
@@ -27,10 +28,12 @@ usr/share/suricata
 #usr/share/suricata/rules/dnp3-events.rules
 #usr/share/suricata/rules/dns-events.rules
 #usr/share/suricata/rules/files.rules
+#usr/share/suricata/rules/http2-events.rules
 #usr/share/suricata/rules/http-events.rules
 #usr/share/suricata/rules/ipsec-events.rules
 #usr/share/suricata/rules/kerberos-events.rules
 #usr/share/suricata/rules/modbus-events.rules
+#usr/share/suricata/rules/mqtt-events.rules
 #usr/share/suricata/rules/nfs-events.rules
 #usr/share/suricata/rules/ntp-events.rules
 #usr/share/suricata/rules/smb-events.rules
@@ -38,9 +41,6 @@ usr/share/suricata
 #usr/share/suricata/rules/stream-events.rules
 #usr/share/suricata/rules/tls-events.rules
 var/lib/suricata
-var/lib/suricata/classification.config
-var/lib/suricata/reference.config
-var/lib/suricata/threshold.config
 var/log/suricata
 #var/log/suricata/certs
 #var/log/suricata/files
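Review bot: The first hunk lists `#usr/share/suricata/threshold.config` and the third hunk removes the `var/lib/suricata/classification.config`, `reference.config` and `threshold.config` entries, but nothing visible here shows the engine being pointed at the new location, so the relocation needs a matching change to the `classification-file`, `reference-config-file` and `threshold-file` settings in suricata.yaml. If one of those still names a path under /var/lib/suricata, an upgraded system would presumably keep working from the stale copy left on disk, while a fresh install could load rules without classifications or without its thresholds and suppressions, which is easy to miss because the engine may still start. I would confirm the three settings read e.g. `threshold-file: /usr/share/suricata/threshold.config` and run `suricata -T` against the shipped configuration on a clean image. It would also help to state in the description that the slash-terminated `usr/share/suricata/` entry is what pulls in the commented-out children, if that is the intent.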
diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index 956647ac14..56550b6fcb 100644
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -46,7 +46,6 @@ vars:
 ##
 default-rule-path: /var/lib/suricata
 rule-files:
-<<<<<<< HEAD
 # Default rules
 - /usr/share/suricata/rules/app-layer-events.rules
 - /usr/share/suricata/rules/decoder-events.rules