suricata: Update to 4.1.3

[ipfire-2.x.git] / config / suricata / suricata.yaml

diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index 8b4ab8c3b317d8b46fd3c173ba0dd1a76f0ac199..539ef38dd2103f623976fad17b3b5db1dd891606 100644 (file)
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -20,6 +20,7 @@ vars:
     DNS_SERVERS: "$HOME_NET"
     TELNET_SERVERS: "$HOME_NET"
     AIM_SERVERS: "$EXTERNAL_NET"
+    DC_SERVERS: "$HOME_NET"
     DNP3_SERVER: "$HOME_NET"
     DNP3_CLIENT: "$HOME_NET"
     MODBUS_CLIENT: "$HOME_NET"
@@ -62,6 +63,14 @@ stats:
   # the loggers are invoked.
   interval: 8
 
+  # Add decode events as stats.
+  #decoder-events: true
+  # Decoder event prefix in stats. Has been 'decoder' before, but that leads
+  # to missing events in the eve.stats records. See issue #2225.
+  decoder-events-prefix: "decoder.event"
+  # Add stream events as stats.
+  #stream-events: false
+
 # Configure the type of alert (and other) logging you would like.
 outputs:
   # a line based alerts log similar to Snort's fast.log
@@ -137,6 +146,10 @@ nfq:
 # "detection-only" enables protocol detection only (parser disabled).
 app-layer:
   protocols:
+    krb5:
+      enabled: no # Requires rust
+    ikev2:
+      enabled: yes
     tls:
       enabled: yes
       detection-ports: