From mboxrd@z Thu Jan  1 00:00:00 1970
From: Stefan Schantl <stefan.schantl@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] Suricata: detect TLS traffic on port 444, too
Date: Fri, 01 Mar 2019 18:11:44 +0100
Message-ID: <d4015567eb8b3d48358faa81f090523bc37ee857.camel@ipfire.org>
In-Reply-To: <D8F4B6FB-F394-4E24-80F1-BBD0226BE06B@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============7749718586460394727=="
List-Id: <development.lists.ipfire.org>

--===============7749718586460394727==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit

Merged.

Best regards,

-Stefan
> Acked-by: Michael Tremer <michael.tremer(a)ipfire.org>
> 
> > On 22 Feb 2019, at 20:16, Peter Müller <peter.mueller(a)ipfire.org>
> > wrote:
> > 
> > This is the default port for IPFire's administrative web interface
> > and should be monitored by Suricata, too.
> > 
> > Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
> > c: Stefan Schantl <stefan.schantl(a)ipfire.org>
> > ---
> > config/suricata/suricata.yaml | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> > 
> > diff --git a/config/suricata/suricata.yaml
> > b/config/suricata/suricata.yaml
> > index 4fbd32b85..0ff06f4ae 100644
> > --- a/config/suricata/suricata.yaml
> > +++ b/config/suricata/suricata.yaml
> > @@ -140,7 +140,7 @@ app-layer:
> >     tls:
> >       enabled: yes
> >       detection-ports:
> > -        dp: "[443,465,993,995]"
> > +        dp: "[443,444,465,993,995]"
> > 
> >       # Completely stop processing TLS/SSL session after the
> > handshake
> >       # completed. If bypass is enabled this will also trigger flow
> > -- 
> > 2.16.4

--===============7749718586460394727==
Content-Type: application/pgp-signature
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="signature.asc"
MIME-Version: 1.0

LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KCmlRSXpCQUFCQ2dBZEZpRUVXTzBOWHRTcnZo
YXN5dERuVHRkT0ZZK1RzdDRGQWx4NVo5QUFDZ2tRVHRkT0ZZK1QKc3Q3N0xoQUFoVE9UZ3p1eDAv
bHhlRzFLdUdFei8wb1VINDJEdWVXYitFN1FUWlY4M0tEdE82MjNBMUZaWGlRRQpaSlYxMWVsaWdH
MDBwUFI4YS80YWpDR3JiZ3d4L0NMeno1VkVrZU9LNDdZNEk1bGhVVHRYWGYwTGFaQUhsZG54CjFP
ai9WWmhZVFdEMEZXcUlTdlZ4MHg3RUxKUHVHbWVITTR3OXR5ZlkvY0c2eHkxM0Nob0h0ZldnOEp3
RnFkeUYKa3phU0xZZWdURUlBMiswRDBYQkJVeThOYUdyQytKRnBCdUFBUVV1S0llMU9MQ085d25o
RzN5Mm9ybXE0dWNGOQpyYXp1dndVYkN1TG5OL0NheS9FQVNOZXJpRUhPK2tRN2NZM1dXR2FwU3M0
RURidUQzRmwwYjZISzh0K09sU2ZFCnI3M2dUU2RMY3E2OXdKeVVCcktXN0owcE5aMnoyK1ZhL1lX
STZ5NG1WODFrTjNlMXlWdGdqWTB4Z1hmOXJCSnEKZlZ1amNRWW5sN3NSOVpXQTdzVTRoOEFhSVlX
UWRQY0xFUlREK01CSWxLTFlGUTBPNXIrdUhvb1BqOGlGS2xaYgpMVnJNbjR3dHhwZks1bjVBUkFU
ZGRWb0kyeWptZmkveEw0bXJ0alp2Vlo2c2kzVSsrdklQeUUyWE83dzk0aE5JCkROUXl5V01sb0Y4
V3RqMnEwV3J6OFNoR0VqeC94RExaTHF1aUZEZHd6L01ibHN5QUl0TEE1dmhsbjlpc1d1UzEKTGpv
S3cwdFpQOFRoekQwTU1KSkx6TkxtVjN5dHFzdkRGWXNnbUhaaFZWNEFrOEdLUFZ0emtVMHB0L1NP
a0dQUAp2VkhHT1NtUFVETndxejBDY3RFMm9xVnF6SDdOK2dzYWlFdld5YlAzYWZ2VUhWTGlEK1k9
Cj1iMkp0Ci0tLS0tRU5EIFBHUCBTSUdOQVRVUkUtLS0tLQo=

--===============7749718586460394727==--