]> git.ipfire.org Git - ipfire-2.x.git/commitdiff
projects / ipfire-2.x.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5fbd7b2)
Suricata: detect TLS traffic on IMAPS/POP3S/SSMTP ports as, well
authorPeter Müller <peter.mueller@ipfire.org>
Thu, 7 Feb 2019 17:38:00 +0000 (17:38 +0000)
committerStefan Schantl <stefan.schantl@ipfire.org>
Thu, 7 Feb 2019 20:26:43 +0000 (21:26 +0100)
Partially fixes #11808

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Cc: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
config/suricata/suricata.yaml patch | blob | blame | history

diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index 48035a67ebef0c1d3ac17e88372f508878c76a77..dd7e53584e1c18da4cf1588abc2dd366b9cb34b0 100644 (file)
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -140,7 +140,7 @@ app-layer:
     tls:
       enabled: yes
       detection-ports:
-        dp: 443
+        dp: "[443,465,993,995]"
 
       # Completely stop processing TLS/SSL session after the handshake
       # completed. If bypass is enabled this will also trigger flow
IPFire 2.x development tree