From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: IPFire meets Suricata - Call for tester
Date: Wed, 06 Feb 2019 10:43:40 +0000
Message-ID: <37474D26-8F9B-495B-8B69-D6ECE8FCB2CC@ipfire.org>
In-Reply-To: <7675eb9f8a0bf6aebc16a97aaa16f2d57adbdf9b.camel@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============9070222560112189423=="
List-Id: <development.lists.ipfire.org>

--===============9070222560112189423==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hello guys,

Great news Stefan! I will have a look at the image as soon as I can.

You have an extra f at the end of the download URL. I am sure that everyone h=
as noticed that already, but here is the correct url:

  https://nightly.ipfire.org/next-suricata/latest/x86_64/ipfire-2.21.x86_64-f=
ull-core128.iso

What are the next steps for development here? I guess fixing the bugs that th=
e testers find and the few outstanding ones. When is an updater going to be w=
orked on?

Best,
-Michael

> On 6 Feb 2019, at 09:57, Stefan Schantl <stefan.schantl(a)ipfire.org> wrote:
>=20
> Hello Ville,
>=20
> thanks for joining the testing team.
>=20
> There is currently no update from an existing IPFire installation to
> the suricata containing one. So you have to create backups, do a fresh
> installation and then restore your backups.
>=20
> If possible and some test hardware is available, please install the
> image on a different machine than your productive one.
>=20
> Best regards,
>=20
> -Stefan
>=20
>=20
>> Hello,
>>=20
>> Thx for bringing this update!
>>=20
>> Is it ok to update my stable version of ipfire core 126 or should I
>> install this suricata version and then use backups to get my data and
>> settings back?
>>=20
>> -Ville-
>>=20
>>=20
>>> On 6 Feb 2019, at 10.58, Stefan Schantl <stefan.schantl(a)ipfire.org>
>>> wrote:
>>>=20
>>> Hello list,
>>>=20
>>> today im very happy to announce a new test image with the latest
>>> snapshot of the process bringing suricata to all of you.
>>>=20
>>> The image is now hosted and provided by the nightly build feature
>>> (a
>>> big thanks to Michael for providing this) of IPFire, so if
>>> development
>>> goes on, every time a new image will be generated and easily can be
>>> downloaded.
>>>=20
>>> The latest image always can be grabbed from here:
>>>=20
>>> https://nightly.ipfire.org/next-suricata/latest/x86_64/
>>>=20
>>> Direct link for downloading the ISO image:
>>>=20
>>> https://nightly.ipfire.org/next-suricata/latest/x86_64/ipfire-2.21.x86_64=
-full-core128.isof
>>>=20
>>> There is currently one known issue, that any kind of snort rules
>>> (sourcefire) currenty can not be downloaded, so you have to use the
>>> rulesets from emergingthreads for testing. This issue will be fixed
>>> with the next image provided by the nightly build service.
>>>=20
>>> Thanks for downloading and testing, as usual please file any bugs
>>> to
>>> our bugtracker (https://bugzilla.ipfire.org) and share your
>>> feedback on
>>> this list.
>>>=20
>>> Best regards,
>>>=20
>>> -Stefan
>>>=20
>>>=20
>>>> Hello list followers,
>>>>=20
>>>> some time ago development for the new implementation of the
>>>> Intrusion
>>>> Detection functionality in IPFire has been started.
>>>>=20
>>>> The main goal, in a nutshell, was to give IPFire a modern,
>>>> feature-
>>>> rich=20
>>>> and user-friendly Intrusion Detection Engine. During this
>>>> progress,
>>>> the
>>>> detection framework has been replaced - now suricata is used
>>>> instead
>>>> of
>>>> snort.
>>>>=20
>>>> Suricata uses a very modern and multi-threaded detection engine
>>>> with
>>>> support to perform actions on malicious traffic. So it provides
>>>> the
>>>> functionality of detecting any kind of intrusion attempts and the
>>>> ability of guardian to block them under the same hood.
>>>>=20
>>>> It was a lot of work, but finaly I'm happy to announce the first
>>>> test
>>>> version. It is almost feature complete and without any kind of
>>>> bigger
>>>> issues.
>>>>=20
>>>> Because Intrusion Detection is a key feature of a firewall
>>>> system, a
>>>> lot of testing is required until the new implementation can
>>>> become
>>>> part
>>>> of IPFire - therefore we need your help!
>>>>=20
>>>> Download the test image (
>>>> https://people.ipfire.org/~stevee/suricata/Images/), do a lot of
>>>> hard
>>>> testing and provide your feedback or suggestions on the
>>>> develoment
>>>> mailing list (
>>>> https://lists.ipfire.org/mailman/listinfo/development).
>>>>=20
>>>> If you find any bugs please file them in the IPFire Bugtracker (
>>>> https://bugzilla.ipfire.org/).
>>>>=20
>>>> Many thanks in advance,
>>>>=20
>>>> -Stefan


--===============9070222560112189423==--