This is the default port for IPFire's administrative web interface
and should be monitored by Suricata, too.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
c: Stefan Schantl <stefan.schantl@ipfire.org>
Acked-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
tls:
enabled: yes
detection-ports:
- dp: "[443,465,993,995]"
+ dp: "[443,444,465,993,995]"
# Completely stop processing TLS/SSL session after the handshake
# completed. If bypass is enabled this will also trigger flow