Place the rulefiles from now in "/var/lib/suricata".
Fixes #11834
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
our $storederrorfile = "/tmp/ids_storederror";
# Location where the rulefiles are stored.
-our $rulespath = "/etc/suricata/rules";
+our $rulespath = "/var/lib/suricata";
# File which contains a list of all supported ruleset sources.
# (Sourcefire, Emergingthreads, etc..)
etc/suricata
-#etc/suricata/rules
-etc/suricata/rules/classification.config
-etc/suricata/rules/reference.config
-etc/suricata/rules/threshold.config
etc/suricata/suricata.yaml
usr/bin/suricata
#usr/bin/suricatasc
#usr/share/doc/suricata/Ubuntu_Installation_from_GIT.txt
#usr/share/doc/suricata/Windows.txt
#usr/share/man/man1/suricata.1
+#var/lib/suricata
+var/lib/suricata/classification.config
+var/lib/suricata/reference.config
+var/lib/suricata/threshold.config
var/log/suricata
#var/log/suricata/certs
#var/log/suricata/files
##
## Ruleset specific options.
##
-default-rule-path: /etc/suricata/rules
+default-rule-path: /var/lib/suricata
rule-files:
# Include enabled ruleset files from external file.
include: /var/ipfire/suricata/suricata-used-rulefiles.yaml
-classification-file: /etc/suricata/rules/classification.config
-reference-config-file: /etc/suricata/rules/reference.config
-# threshold-file: /etc/suricata/threshold.config
+classification-file: /var/lib/suricata/classification.config
+reference-config-file: /var/lib/suricata/reference.config
+# threshold-file: /var/lib/suricata/threshold.config
##
# Install IPFire related config file.
install -m 0644 $(DIR_SRC)/config/suricata/suricata.yaml /etc/suricata
- -mkdir -p /etc/suricata/rules
- mv /etc/suricata/*.config /etc/suricata/rules/
+
+ # Create emtpy rules directory.
+ -mkdir -p /var/lib/suricata
+
+ # Move config files for references, threshold and classification
+ # to the rules directory.
+ mv /etc/suricata/*.config /var/lib/suricata
+
+ # Create logging directory.
-mkdir -p /var/log/suricata
+
@rm -rf $(DIR_APP)
@$(POSTBUILD)
} else if (strcmp(argv[1], "reload") == 0) {
safe_system("/etc/rc.d/init.d/suricata reload");
} else if (strcmp(argv[1], "fix-rules-dir") == 0) {
- safe_system("chown -R nobody:nobody /etc/suricata/rules/");
+ safe_system("chown -R nobody:nobody /var/lib/suricata");
} else {
fprintf(stderr, "\nBad argument given.\n\nsuricatactrl (start|stop|restart|reload)\n\n");
exit(1);