Hello Stefan,

Thanks for baking a new image. I just installed this and gave it a little test.

I will start with some comments on the UI:

* The error messages are a bit shouty. “No ruleset available, PLEASE DOWNLOAD ONE!!!111!!!” Is not really how these usually go.

The is two ways how to solve this: a) rephrase the messages and b) avoid that the user is shown this anyways. For example: grey out the enable checkbox when no ruleset has been downloaded and show a small note that this is a requirement.

* I think the top box can be merged with the settings box. There is too many headlines and this is rather confusing. It is one box in all other add-ons.

* It is not possible to click the Download button for rules when Save hasn’t been clicked before. That doesn’t make much sense.

* Downloading rules does not work. The log file says that no ruleset was selected although it was. Doesn’t work with any.

* In the German translation the word “Regelset” and “Regelsatz” are being used. I think the latter is the correct version.

So, I could not get this to work. What should I do?

-Michael

> On 1 Jan 2019, at 13:32, Stefan Schantl <stefan.schantl(a)ipfire.org> wrote:
> 
> Hello list followers,
> 
> a very happy new year to all of you!
> 
> I had some free time during the christmas days and backed a new testing
> image for suricata:
> 
> https://people.ipfire.org/~stevee/suricata/Images/ipfire-2.21.x86_64-suricata-beta4-full-core127.iso
> 
> It contains a lot of bug fixes and improvements suggested on this list.
> 
> As usual please do a lot of testing and report back any issues and
> suggestions.
> 
> Thanks in advance,
> 
> -Stefan
> 
> 
>> Hello list followers,
>> 
>> some time ago development for the new implementation of the Intrusion
>> Detection functionality in IPFire has been started.
>> 
>> The main goal, in a nutshell, was to give IPFire a modern, feature-
>> rich 
>> and user-friendly Intrusion Detection Engine. During this progress,
>> the
>> detection framework has been replaced - now suricata is used instead
>> of
>> snort.
>> 
>> Suricata uses a very modern and multi-threaded detection engine with
>> support to perform actions on malicious traffic. So it provides the
>> functionality of detecting any kind of intrusion attempts and the
>> ability of guardian to block them under the same hood.
>> 
>> It was a lot of work, but finaly I'm happy to announce the first test
>> version. It is almost feature complete and without any kind of bigger
>> issues.
>> 
>> Because Intrusion Detection is a key feature of a firewall system, a
>> lot of testing is required until the new implementation can become
>> part
>> of IPFire - therefore we need your help!
>> 
>> Download the test image (
>> https://people.ipfire.org/~stevee/suricata/Images/), do a lot of hard
>> testing and provide your feedback or suggestions on the develoment
>> mailing list (https://lists.ipfire.org/mailman/listinfo/development).
>> 
>> If you find any bugs please file them in the IPFire Bugtracker (
>> https://bugzilla.ipfire.org/).
>> 
>> Many thanks in advance,
>> 
>> -Stefan