suricata: We do not use any IP reputation lists
[people/pmueller/ipfire-2.x.git] / config / suricata / suricata.yaml
index c0101557f75bec747c7db882dbd8a632737512f5..44cdd8940cc93541426f0a2b1f7cd65970f8a956 100644 (file)
@@ -192,18 +192,14 @@ app-layer:
     # smb2 detection is disabled internally inside the engine.
     #smb2:
     #  enabled: yes
-    # Note: NFS parser depends on Rust support: pass --enable-rust
-    # to configure.
-    nfs:
-      enabled: no
     dns:
       # memcaps. Globally and per flow/state.
-      #global-memcap: 16mb
-      #state-memcap: 512kb
+      global-memcap: 32mb
+      state-memcap: 512kb
 
       # How many unreplied DNS requests are considered a flood.
       # If the limit is reached, app-layer-event:dns.flooded; will match.
-      #request-flood: 500
+      request-flood: 512
 
       tcp:
         enabled: yes
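Review bot: Deleting the explicit `nfs:` / `enabled: no` entry near the top of this hunk is not clearly equivalent to keeping the NFS parser off. As far as I know, Suricata treats an app-layer protocol with no config entry as enabled whenever that parser is compiled in, so on a Rust-enabled build this removal would switch the parser on and widen the exposed parsing surface; this should be confirmed against the packaged Suricata version. The same concern applies to the `ntp:` / `enabled: no` entry removed in the following hunk (old line 352). If both parsers are meant to stay off, keep the two-line entries and drop only the Rust notes, or state in the commit message that the build ships without Rust support. Separately, the now-active `global-memcap: 32mb` and `request-flood: 512` are behavioural changes that the commit title (IP reputation lists) does not cover, so a sentence in the description on why these values were chosen would help.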
@@ -352,11 +348,6 @@ app-layer:
         dp: 44818
         sp: 44818
 
-    # Note: parser depends on experimental Rust support
-    # with --enable-rust-experimental passed to configure
-    ntp:
-      enabled: no
-
 # Limit for the maximum number of asn1 frames to decode (default 256)
 asn1-max-frames: 256
 
@@ -442,12 +433,6 @@ legacy:
 #   - reject
 #   - alert
 
-# IP Reputation
-#reputation-categories-file: /etc/suricata/iprep/categories.txt
-#default-reputation-path: /etc/suricata/iprep
-#reputation-files:
-# - reputation.list
-
 # When run with the option --engine-analysis, the engine will read each of
 # the parameters below, and print reports for each of the enabled sections
 # and exit.  The reports are printed to a file in the default log dir