From: Michael Tremer <michael.tremer@ipfire.org>
Date: Wed, 7 Jan 2026 11:43:12 +0000 (+0000)
Subject: suricata: Add IPFire DNSBL to the rule sources
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9eb8751487d23dd354a105c28bdbbb0398fe6e85;p=ipfire-2.x.git

suricata: Add IPFire DNSBL to the rule sources

Although this is not the primary use-case, there is a lot of value by
adding the DNSBL to Suricata for secondary filtering. Anything that is
trying to circumvent any local policy will be caught at the edge of the
network and therfore we will even be able to block access to any listed
domains when people are using a private resolver.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/config/suricata/ruleset-sources b/config/suricata/ruleset-sources
index b843d3e49..3ccb205a7 100644
--- a/config/suricata/ruleset-sources
+++ b/config/suricata/ruleset-sources
@@ -141,4 +141,13 @@ our %Providers = (
 		dl_url => "https://raw.githubusercontent.com/travisbgreen/hunting-rules/master/hunting.rules",
 		dl_type => "plain",
 	},
+
+	ipfire_dnsbl => {
+		summary => "IPFire DNSBL - Domain Blocklist",
+		website => "https://www.ipfire.org/dnsbl/",
+		tr_string => "ipfire dnsbl",
+		requires_subscription => "False",
+		dl_url => "https://dnsbl.ipfire.org/lists/suricata.tar.gz",
+		dl_type => "archive",
+	},
 );