+++ /dev/null
-%YAML 1.1
----
-
-# Default rules which helps
- - /usr/share/suricata/rules/app-layer-events.rules
- - /usr/share/suricata/rules/decoder-events.rules
- - /usr/share/suricata/rules/dhcp-events.rules
- - /usr/share/suricata/rules/dns-events.rules
- - /usr/share/suricata/rules/files.rules
- - /usr/share/suricata/rules/http-events.rules
- - /usr/share/suricata/rules/ipsec-events.rules
- - /usr/share/suricata/rules/kerberos-events.rules
- - /usr/share/suricata/rules/nfs-events.rules
- - /usr/share/suricata/rules/ntp-events.rules
- - /usr/share/suricata/rules/smb-events.rules
- - /usr/share/suricata/rules/smtp-events.rules
- - /usr/share/suricata/rules/stream-events.rules
- - /usr/share/suricata/rules/tls-events.rules
# Install IPFire related config file.
install -m 0644 $(DIR_SRC)/config/suricata/suricata.yaml /etc/suricata
- # Install yaml file for loading default rules.
- install -m 0664 $(DIR_SRC)/config/suricata/suricata-default-rules.yaml /var/ipfire/suricata
-
- # Set correct ownership for the default rules file.
- chown nobody:nobody /var/ipfire/suricata/suricata-default-rules.yaml
-
# Create emtpy rules directory.
-mkdir -p /var/lib/suricata