From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 7 Apr 2022 16:54:12 +0000 (+0000)
Subject: suricata: Process default rules first
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fheads%2Fsuricata-whitelist;p=people%2Fms%2Fipfire-2.x.git

suricata: Process default rules first

This patch moves the default rules to the top. This file also lists the
whitelist which should always be processed first to function.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index 6fbc7b3ee1..173e2e1d06 100644
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -46,12 +46,12 @@ vars:
 ##
 default-rule-path: /var/lib/suricata
 rule-files:
-    # Include enabled ruleset files from external file.
-    include: /var/ipfire/suricata/suricata-used-providers.yaml
-
     # Include default rules.
     include: /var/ipfire/suricata/suricata-default-rules.yaml
 
+    # Include enabled ruleset files from external file.
+    include: /var/ipfire/suricata/suricata-used-providers.yaml
+
 classification-file: /usr/share/suricata/classification.config
 reference-config-file: /usr/share/suricata/reference.config
 threshold-file: /usr/share/suricata/threshold.config