suricata: Use DNS_SERVERS declaration from external file.

These settings now will be read from
/var/ipfire/suricata/suricata-dns-servers.yaml, which will be
generated by the generate_dns_servers_file() function, located in
ids-functions.pl and called by various scripts.

Fixes #12166.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>

diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index e921781cf7889e83c7000c5c8fa6fd82a0334a34..af9cb75a9737c76232388bb8e0b4ede9b155bb9a 100644 (file)
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -11,12 +11,14 @@ vars:
     # Include HOME_NET declaration from external file.
     include: /var/ipfire/suricata/suricata-homenet.yaml
 
+    # Include DNS_SERVERS declaration from external file.
+    include: /var/ipfire/suricata/suricata-dns-servers.yaml
+
     EXTERNAL_NET: "any"
 
     HTTP_SERVERS: "$HOME_NET"
     SMTP_SERVERS: "$HOME_NET"
     SQL_SERVERS: "$HOME_NET"
-    DNS_SERVERS: "$HOME_NET"
     TELNET_SERVERS: "$HOME_NET"
     AIM_SERVERS: "$EXTERNAL_NET"
     DC_SERVERS: "$HOME_NET"