From 2bec60c34725c759c98f4da276fc8149162b3397 Mon Sep 17 00:00:00 2001
From: Stefan Schantl
Date: Sun, 10 Mar 2019 17:34:03 +0100
Subject: [PATCH] suricata: Update to 4.1.3

Signed-off-by: Stefan Schantl
---
 config/rootfiles/common/suricata | 64 +++++++++++++++++++++-----------
 config/suricata/suricata.yaml | 13 +++++++
 lfs/suricata | 4 +-
 3 files changed, 58 insertions(+), 23 deletions(-)

diff --git a/config/rootfiles/common/suricata b/config/rootfiles/common/suricata
index 32aa54dbbc..859879db0f 100644
--- a/config/rootfiles/common/suricata
+++ b/config/rootfiles/common/suricata
@@ -1,44 +1,66 @@
 etc/suricata
 etc/suricata/suricata.yaml
 usr/bin/suricata
+#usr/bin/suricatactl
 #usr/bin/suricatasc
+#usr/lib/python2.7/site-packages/suricata
+#usr/lib/python2.7/site-packages/suricata-4.1.3-py2.7.egg-info
+#usr/lib/python2.7/site-packages/suricata/__init__.py
+#usr/lib/python2.7/site-packages/suricata/__init__.pyc
+#usr/lib/python2.7/site-packages/suricata/config
+#usr/lib/python2.7/site-packages/suricata/config/__init__.py
+#usr/lib/python2.7/site-packages/suricata/config/__init__.pyc
+#usr/lib/python2.7/site-packages/suricata/config/defaults.py
+#usr/lib/python2.7/site-packages/suricata/config/defaults.pyc
+#usr/lib/python2.7/site-packages/suricata/ctl
+#usr/lib/python2.7/site-packages/suricata/ctl/__init__.py
+#usr/lib/python2.7/site-packages/suricata/ctl/__init__.pyc
+#usr/lib/python2.7/site-packages/suricata/ctl/filestore.py
+#usr/lib/python2.7/site-packages/suricata/ctl/filestore.pyc
+#usr/lib/python2.7/site-packages/suricata/ctl/loghandler.py
+#usr/lib/python2.7/site-packages/suricata/ctl/loghandler.pyc
+#usr/lib/python2.7/site-packages/suricata/ctl/main.py
+#usr/lib/python2.7/site-packages/suricata/ctl/main.pyc
+#usr/lib/python2.7/site-packages/suricata/ctl/test_filestore.py
+#usr/lib/python2.7/site-packages/suricata/ctl/test_filestore.pyc
+#usr/lib/python2.7/site-packages/suricata/sc
+#usr/lib/python2.7/site-packages/suricata/sc/__init__.py
+#usr/lib/python2.7/site-packages/suricata/sc/__init__.pyc
+#usr/lib/python2.7/site-packages/suricata/sc/suricatasc.py
+#usr/lib/python2.7/site-packages/suricata/sc/suricatasc.pyc
 #usr/lib/python2.7/site-packages/suricatasc
-#usr/lib/python2.7/site-packages/suricatasc-0.9-py2.7.egg-info
 #usr/lib/python2.7/site-packages/suricatasc/__init__.py
 #usr/lib/python2.7/site-packages/suricatasc/__init__.pyc
-#usr/lib/python2.7/site-packages/suricatasc/suricatasc.py
-#usr/lib/python2.7/site-packages/suricatasc/suricatasc.pyc
 #usr/share/doc/suricata
 #usr/share/doc/suricata/AUTHORS
 #usr/share/doc/suricata/Basic_Setup.txt
-#usr/share/doc/suricata/CentOS5.txt
-#usr/share/doc/suricata/CentOS_56_Installation.txt
-#usr/share/doc/suricata/Debian_Installation.txt
-#usr/share/doc/suricata/Fedora_Core.txt
-#usr/share/doc/suricata/FreeBSD_8.txt
 #usr/share/doc/suricata/GITGUIDE
-#usr/share/doc/suricata/HTP_library_installation.txt
 #usr/share/doc/suricata/INSTALL
 #usr/share/doc/suricata/INSTALL.PF_RING
 #usr/share/doc/suricata/INSTALL.WINDOWS
-#usr/share/doc/suricata/Installation_from_GIT_with_PCRE-JIT.txt
-#usr/share/doc/suricata/Installation_from_GIT_with_PF_RING_on_Ubuntu_server_1104.txt
-#usr/share/doc/suricata/Installation_with_CUDA_and_PFRING_on_Scientific_Linux_6.txt
-#usr/share/doc/suricata/Installation_with_CUDA_and_PF_RING_on_Ubuntu_server_1104.txt
-#usr/share/doc/suricata/Installation_with_CUDA_on_Scientific_Linux_6.txt
-#usr/share/doc/suricata/Installation_with_CUDA_on_Ubuntu_server_1104.txt
-#usr/share/doc/suricata/Installation_with_PF_RING.txt
-#usr/share/doc/suricata/Mac_OS_X_106x.txt
 #usr/share/doc/suricata/NEWS
-#usr/share/doc/suricata/OpenBSD_Installation_from_GIT.txt
 #usr/share/doc/suricata/README
 #usr/share/doc/suricata/Setting_up_IPSinline_for_Linux.txt
 #usr/share/doc/suricata/TODO
 #usr/share/doc/suricata/Third_Party_Installation_Guides.txt
-#usr/share/doc/suricata/Ubuntu_Installation.txt
-#usr/share/doc/suricata/Ubuntu_Installation_from_GIT.txt
-#usr/share/doc/suricata/Windows.txt
 #usr/share/man/man1/suricata.1
+#usr/share/suricata
+#usr/share/suricata/rules
+#usr/share/suricata/rules/app-layer-events.rules
+#usr/share/suricata/rules/decoder-events.rules
+#usr/share/suricata/rules/dnp3-events.rules
+#usr/share/suricata/rules/dns-events.rules
+#usr/share/suricata/rules/files.rules
+#usr/share/suricata/rules/http-events.rules
+#usr/share/suricata/rules/ipsec-events.rules
+#usr/share/suricata/rules/kerberos-events.rules
+#usr/share/suricata/rules/modbus-events.rules
+#usr/share/suricata/rules/nfs-events.rules
+#usr/share/suricata/rules/ntp-events.rules +#usr/share/suricata/rules/smb-events.rules +#usr/share/suricata/rules/smtp-events.rules +#usr/share/suricata/rules/stream-events.rules +#usr/share/suricata/rules/tls-events.rules var/lib/suricata var/lib/suricata/classification.config var/lib/suricata/reference.config diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml index 8b4ab8c3b3..539ef38dd2 100644 --- a/config/suricata/suricata.yaml +++ b/config/suricata/suricata.yaml @@ -20,6 +20,7 @@ vars: DNS_SERVERS: "$HOME_NET" TELNET_SERVERS: "$HOME_NET" AIM_SERVERS: "$EXTERNAL_NET" + DC_SERVERS: "$HOME_NET" DNP3_SERVER: "$HOME_NET" DNP3_CLIENT: "$HOME_NET" MODBUS_CLIENT: "$HOME_NET" @@ -62,6 +63,14 @@ stats: # the loggers are invoked. interval: 8 + # Add decode events as stats. + #decoder-events: true + # Decoder event prefix in stats. Has been 'decoder' before, but that leads + # to missing events in the eve.stats records. See issue #2225. + decoder-events-prefix: "decoder.event" + # Add stream events as stats. + #stream-events: false + # Configure the type of alert (and other) logging you would like. outputs: # a line based alerts log similar to Snort's fast.log @@ -137,6 +146,10 @@ nfq: # "detection-only" enables protocol detection only (parser disabled). app-layer: protocols: + krb5: + enabled: no # Requires rust + ikev2: + enabled: yes tls: enabled: yes detection-ports: diff --git a/lfs/suricata b/lfs/suricata index 2e7a5c5dc4..8a1e50240f 100644 --- a/lfs/suricata +++ b/lfs/suricata @@ -24,7 +24,7 @@ include Config -VER = 4.0.6 +VER = 4.1.3 THISAPP = suricata-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = e8e9a401fef3b3ca1027c268c38c8f4b +$(DL_FILE)_MD5 = 35c4a8e6be3910831649a073950195df install : $(TARGET) -- 2.39.2
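Review bot: Setting `decoder-events-prefix: "decoder.event"` in the stats block renames the decoder event counters, so anything that matches the previous `decoder` prefix in the stats or eve.stats output will stop matching after the update. The patch shows no consumer being adjusted, though none may exist in the tree. The reference `See issue #2225` is presumably to the upstream Suricata tracker rather than this project's; the comment would be clearer as `# ... See upstream Suricata issue #2225.`. The stats block itself starts and ends outside the hunk.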
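Review bot: In the app-layer hunk `krb5` is switched off with `# Requires rust` while `ikev2` directly below it is set to `enabled: yes`, and as far as I know the IKEv2 parser in the 4.1 series is also one of the Rust-implemented parsers, so the two settings look inconsistent unless the build enables Rust. The lfs/suricata hunks in this patch change only `VER` and the MD5 value, so the configure options cannot be checked from here. With Kerberos parsing disabled, signatures that depend on that parser (for example the upstream kerberos-events.rules, possibly some that use the new `DC_SERVERS` variable) will load without ever matching, which is a silent coverage gap. I would state that next to the setting, e.g. `enabled: no # Requires rust; Kerberos app-layer rules are inactive until the build enables it`.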
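Review bot: The updated `$(DL_FILE)_MD5` value is the only integrity pin for the 4.1.3 tarball visible in this patch, and MD5 is collision-broken, which makes it a weak pin for a package that is itself the IDS. If the shared lfs rules can verify a stronger digest, record a SHA-256 or BLAKE2 value alongside it. Otherwise the new value should be taken from a tarball that was first checked against the checksum or signature upstream publishes. How the variable is consumed is defined outside this hunk.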