From: Victor Julien Date: Tue, 8 Apr 2025 08:15:07 +0000 (+0200) Subject: lua: enable lua rules by default X-Git-Tag: suricata-8.0.0-beta1~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F12986%2Fhead;p=thirdparty%2Fsuricata.git lua: enable lua rules by default Now that sandboxing is in place, lua rule support is enabled by default. --- diff --git a/doc/userguide/configuration/suricata-yaml.rst b/doc/userguide/configuration/suricata-yaml.rst index 16b208613b..5881a5401d 100644 --- a/doc/userguide/configuration/suricata-yaml.rst +++ b/doc/userguide/configuration/suricata-yaml.rst @@ -3000,8 +3000,8 @@ can be completely disabled the same as the Suricata 7.0 default: security: lua: - # Allow Lua rules. Disabled by default. - #allow-rules: false + # Allow Lua rules. Enabled by default. + #allow-rules: true # Upper bound of allocations by a Lua rule before it will fail #max-bytes: 500000 diff --git a/doc/userguide/rules/lua-detection.rst b/doc/userguide/rules/lua-detection.rst index 9ed8d9d1c5..d47b9e8564 100644 --- a/doc/userguide/rules/lua-detection.rst +++ b/doc/userguide/rules/lua-detection.rst @@ -3,10 +3,6 @@ Lua Scripting for Detection =========================== -.. note:: Lua is disabled by default for use in rules, it must be - enabled in the configuration file. See the ``security.lua`` - section of ``suricata.yaml`` and enable ``allow-rules``. - Syntax: :: diff --git a/src/detect-lua.c b/src/detect-lua.c index 93df2f944e..1ba922788b 100644 --- a/src/detect-lua.c +++ b/src/detect-lua.c @@ -706,8 +706,7 @@ static int DetectLuaSetup (DetectEngineCtx *de_ctx, Signature *s, const char *st /* First check if Lua rules are enabled, by default Lua in rules * is disabled. */ int enabled = 0; - (void)SCConfGetBool("security.lua.allow-rules", &enabled); - if (!enabled) { + if (SCConfGetBool("security.lua.allow-rules", &enabled) == 1 && !enabled) { SCLogError("Lua rules disabled by security configuration: security.lua.allow-rules"); return -1; } diff --git a/suricata.yaml.in b/suricata.yaml.in index 66e121b12c..93e2671eb1 100644 --- a/suricata.yaml.in +++ b/suricata.yaml.in @@ -1306,8 +1306,8 @@ security: - @e_sysconfdir@ lua: - # Allow Lua rules. Disabled by default. - #allow-rules: false + # Allow Lua rules. Enabled by default. + #allow-rules: true # Some logging modules will use that name in event as identifier. The default # value is the hostname