* Re: : [PATCH] suricata: Perform ruleset update every 12 hours [not found] <c2a2e4d8-4c28-0221-ceb7-155488738412@yahoo.com> @ 2022-05-12 9:23 ` Michael Tremer 0 siblings, 0 replies; 4+ messages in thread From: Michael Tremer @ 2022-05-12 9:23 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 2791 bytes --] Hello, I think that rather proves my theory. There will be a check whether to run this command or not, and if it is being run, the timestamp will be recorded. The question is now what the check looks like. Stefan: Could you please check in the source of fcron or just simply test how it behaves? -Michael > On 9 May 2022, at 02:24, Charles Brown <cab_77573(a)yahoo.com> wrote: > > Hello Stefan and Michael, > > Per the fcron man page: > > "The time remaining before next execution is saved every 1800 seconds (to limit damages caused by a crash) and when fcron exits after having received a SIGTERM signal, i.e. when systems go down ..." > It looks like this is getting written to /var/spool/cron/root on my ipfire box. I assume this takes care of the issue ... but I can't say for sure. > > On 5/8/2022 11:12 AM, development-request(a)lists.ipfire.org wrote: >> 6. Re: [PATCH] suricata: Perform ruleset update every 12 hours. >> (Michael Tremer) >> >> >> ---------------------------------------------------------------------- >> Message: 6 >> Date: Sun, 8 May 2022 17:12:33 +0100 >> From: Michael Tremer >> <michael.tremer(a)ipfire.org> >> >> To: Stefan Schantl >> <stefan.schantl(a)ipfire.org> >> >> Cc: >> development(a)lists.ipfire.org >> >> Subject: Re: [PATCH] suricata: Perform ruleset update every 12 hours. >> Message-ID: >> <1A6869C7-B4B3-4AF7-846E-FFA67AF78C95(a)ipfire.org> >> >> Content-Type: text/plain; charset=utf-8 >> >> Hello Stefan, >> >> What happens to firewalls that do not run 24/7? >> >> Will this job be performed after 12 hours have passed no matter how long? So let?s say I shut down a system for a day, would the job run immediately? >> >> -Michael >> >> >>> On 8 May 2022, at 14:23, Stefan Schantl <stefan.schantl(a)ipfire.org> >>> wrote: >>> >>> Signed-off-by: Stefan Schantl >>> <stefan.schantl(a)ipfire.org> >>> >>> --- >>> config/cron/crontab | 4 ++-- >>> 1 file changed, 2 insertions(+), 2 deletions(-) >>> >>> diff --git a/config/cron/crontab b/config/cron/crontab >>> index d61d26619..c42104626 100644 >>> --- a/config/cron/crontab >>> +++ b/config/cron/crontab >>> @@ -62,8 +62,8 @@ HOME=/ >>> # Update location database >>> %hourly,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-location-database >/dev/null 2>&1 >>> >>> -# Update surciata rules. >>> -%daily,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1 >>> +# Perform a surciata rules update every 12 hours. >>> +@ 12h [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1 >>> >>> # Retry sending spooled mails regularly >>> %hourly * /usr/sbin/dma -q >>> -- >>> 2.30.2 >>> >>> ^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH] suricata: Perform ruleset update every 12 hours. @ 2022-05-08 13:23 Stefan Schantl 2022-05-08 14:23 ` Peter Müller 2022-05-08 16:12 ` Michael Tremer 0 siblings, 2 replies; 4+ messages in thread From: Stefan Schantl @ 2022-05-08 13:23 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 826 bytes --] Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org> --- config/cron/crontab | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/cron/crontab b/config/cron/crontab index d61d26619..c42104626 100644 --- a/config/cron/crontab +++ b/config/cron/crontab @@ -62,8 +62,8 @@ HOME=/ # Update location database %hourly,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-location-database >/dev/null 2>&1 -# Update surciata rules. -%daily,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1 +# Perform a surciata rules update every 12 hours. +@ 12h [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1 # Retry sending spooled mails regularly %hourly * /usr/sbin/dma -q -- 2.30.2 ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] suricata: Perform ruleset update every 12 hours. 2022-05-08 13:23 Stefan Schantl @ 2022-05-08 14:23 ` Peter Müller 2022-05-08 16:12 ` Michael Tremer 1 sibling, 0 replies; 4+ messages in thread From: Peter Müller @ 2022-05-08 14:23 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 910 bytes --] Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org> > Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org> > --- > config/cron/crontab | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/config/cron/crontab b/config/cron/crontab > index d61d26619..c42104626 100644 > --- a/config/cron/crontab > +++ b/config/cron/crontab > @@ -62,8 +62,8 @@ HOME=/ > # Update location database > %hourly,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-location-database >/dev/null 2>&1 > > -# Update surciata rules. > -%daily,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1 > +# Perform a surciata rules update every 12 hours. > +@ 12h [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1 > > # Retry sending spooled mails regularly > %hourly * /usr/sbin/dma -q ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] suricata: Perform ruleset update every 12 hours. 2022-05-08 13:23 Stefan Schantl 2022-05-08 14:23 ` Peter Müller @ 2022-05-08 16:12 ` Michael Tremer 1 sibling, 0 replies; 4+ messages in thread From: Michael Tremer @ 2022-05-08 16:12 UTC (permalink / raw) To: development [-- Attachment #1: Type: text/plain, Size: 1185 bytes --] Hello Stefan, What happens to firewalls that do not run 24/7? Will this job be performed after 12 hours have passed no matter how long? So let’s say I shut down a system for a day, would the job run immediately? -Michael > On 8 May 2022, at 14:23, Stefan Schantl <stefan.schantl(a)ipfire.org> wrote: > > Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org> > --- > config/cron/crontab | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/config/cron/crontab b/config/cron/crontab > index d61d26619..c42104626 100644 > --- a/config/cron/crontab > +++ b/config/cron/crontab > @@ -62,8 +62,8 @@ HOME=/ > # Update location database > %hourly,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-location-database >/dev/null 2>&1 > > -# Update surciata rules. > -%daily,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1 > +# Perform a surciata rules update every 12 hours. > +@ 12h [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1 > > # Retry sending spooled mails regularly > %hourly * /usr/sbin/dma -q > -- > 2.30.2 > ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-05-12 9:23 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <c2a2e4d8-4c28-0221-ceb7-155488738412@yahoo.com>
2022-05-12 9:23 ` : [PATCH] suricata: Perform ruleset update every 12 hours Michael Tremer
2022-05-08 13:23 Stefan Schantl
2022-05-08 14:23 ` Peter Müller
2022-05-08 16:12 ` Michael Tremer
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox