[PATCH] suricata.yaml: Fix bug13646 - Adjust the include syntax to use array format

[PATCH] suricata.yaml: Fix bug13646 - Adjust the include syntax to use array format

[Adolf Belka]

[-- Attachment #1: Type: text/plain, Size: 1679 bytes --]

- Suricata-8.x will only accept include statements in array format and not in multiple
   single lines. Suricata-7.x still accepts the multiple single lines but flags up that
   the format is deprecated and will be removed in suricata-8.x
- This patch adjusts the address-groups include into the array format.
- This change has been tested out on my vm and the IPS started up and from the logs you
   can see that all the include files were taken on board and the derprecation message
   is no longer shown.
- This change can be implemented with Suricata-7.x and will make sure that IPFire has
   the include syntax that Suricata-8.x will require.

Fixes: Bug13646
Tested-by: Adolf Belka <adolf.belka(a)ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
 config/suricata/suricata.yaml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index faa1aa71d..443b8e19e 100644
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -8,11 +8,11 @@
 
 vars:
   address-groups:
-    # Include HOME_NET declaration from external file.
-    include: /var/ipfire/suricata/suricata-homenet.yaml
-
-    # Include DNS_SERVERS declaration from external file.
-    include: /var/ipfire/suricata/suricata-dns-servers.yaml
+    include:
+            # Include HOME_NET declaration from external file.
+            - /var/ipfire/suricata/suricata-homenet.yaml
+            # Include DNS_SERVERS declaration from external file.
+            - /var/ipfire/suricata/suricata-dns-servers.yaml
 
     EXTERNAL_NET: "any"
 
-- 
2.47.1

Re: [PATCH] suricata.yaml: Fix bug13646 - Adjust the include syntax to use array format

[Michael Tremer]

[-- Attachment #1: Type: text/plain, Size: 1947 bytes --]

Reviewed-by: Michael Tremer <michael.tremer(a)ipfire.org>

Looks good for me. Thank you for taking care of this!

> On 10 Dec 2024, at 13:23, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
> 
> - Suricata-8.x will only accept include statements in array format and not in multiple
>   single lines. Suricata-7.x still accepts the multiple single lines but flags up that
>   the format is deprecated and will be removed in suricata-8.x
> - This patch adjusts the address-groups include into the array format.
> - This change has been tested out on my vm and the IPS started up and from the logs you
>   can see that all the include files were taken on board and the derprecation message
>   is no longer shown.
> - This change can be implemented with Suricata-7.x and will make sure that IPFire has
>   the include syntax that Suricata-8.x will require.
> 
> Fixes: Bug13646
> Tested-by: Adolf Belka <adolf.belka(a)ipfire.org>
> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
> ---
> config/suricata/suricata.yaml | 10 +++++-----
> 1 file changed, 5 insertions(+), 5 deletions(-)
> 
> diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
> index faa1aa71d..443b8e19e 100644
> --- a/config/suricata/suricata.yaml
> +++ b/config/suricata/suricata.yaml
> @@ -8,11 +8,11 @@
> 
> vars:
>   address-groups:
> -    # Include HOME_NET declaration from external file.
> -    include: /var/ipfire/suricata/suricata-homenet.yaml
> -
> -    # Include DNS_SERVERS declaration from external file.
> -    include: /var/ipfire/suricata/suricata-dns-servers.yaml
> +    include:
> +            # Include HOME_NET declaration from external file.
> +            - /var/ipfire/suricata/suricata-homenet.yaml
> +            # Include DNS_SERVERS declaration from external file.
> +            - /var/ipfire/suricata/suricata-dns-servers.yaml
> 
>     EXTERNAL_NET: "any"
> 
> -- 
> 2.47.1
>