Hello Ville, thanks for joining the testing team. There is currently no update from an existing IPFire installation to the suricata containing one. So you have to create backups, do a fresh installation and then restore your backups. If possible and some test hardware is available, please install the image on a different machine than your productive one. Best regards, -Stefan > Hello, > > Thx for bringing this update! > > Is it ok to update my stable version of ipfire core 126 or should I > install this suricata version and then use backups to get my data and > settings back? > > -Ville- > > > > On 6 Feb 2019, at 10.58, Stefan Schantl > > wrote: > > > > Hello list, > > > > today im very happy to announce a new test image with the latest > > snapshot of the process bringing suricata to all of you. > > > > The image is now hosted and provided by the nightly build feature > > (a > > big thanks to Michael for providing this) of IPFire, so if > > development > > goes on, every time a new image will be generated and easily can be > > downloaded. > > > > The latest image always can be grabbed from here: > > > > https://nightly.ipfire.org/next-suricata/latest/x86_64/ > > > > Direct link for downloading the ISO image: > > > > https://nightly.ipfire.org/next-suricata/latest/x86_64/ipfire-2.21.x86_64-full-core128.isof > > > > There is currently one known issue, that any kind of snort rules > > (sourcefire) currenty can not be downloaded, so you have to use the > > rulesets from emergingthreads for testing. This issue will be fixed > > with the next image provided by the nightly build service. > > > > Thanks for downloading and testing, as usual please file any bugs > > to > > our bugtracker (https://bugzilla.ipfire.org) and share your > > feedback on > > this list. > > > > Best regards, > > > > -Stefan > > > > > > > Hello list followers, > > > > > > some time ago development for the new implementation of the > > > Intrusion > > > Detection functionality in IPFire has been started. > > > > > > The main goal, in a nutshell, was to give IPFire a modern, > > > feature- > > > rich > > > and user-friendly Intrusion Detection Engine. During this > > > progress, > > > the > > > detection framework has been replaced - now suricata is used > > > instead > > > of > > > snort. > > > > > > Suricata uses a very modern and multi-threaded detection engine > > > with > > > support to perform actions on malicious traffic. So it provides > > > the > > > functionality of detecting any kind of intrusion attempts and the > > > ability of guardian to block them under the same hood. > > > > > > It was a lot of work, but finaly I'm happy to announce the first > > > test > > > version. It is almost feature complete and without any kind of > > > bigger > > > issues. > > > > > > Because Intrusion Detection is a key feature of a firewall > > > system, a > > > lot of testing is required until the new implementation can > > > become > > > part > > > of IPFire - therefore we need your help! > > > > > > Download the test image ( > > > https://people.ipfire.org/~stevee/suricata/Images/), do a lot of > > > hard > > > testing and provide your feedback or suggestions on the > > > develoment > > > mailing list ( > > > https://lists.ipfire.org/mailman/listinfo/development). > > > > > > If you find any bugs please file them in the IPFire Bugtracker ( > > > https://bugzilla.ipfire.org/). > > > > > > Many thanks in advance, > > > > > > -Stefan