17 Dec
2021
17 Dec
'21
10:17 a.m.
Reviewed-by: Michael Tremer michael.tremer@ipfire.org
This makes a lot of sense. Thank you.
On 16 Dec 2021, at 20:23, Stefan Schantl stefan.schantl@ipfire.org wrote:
The parsers for those are disabled in the suricata config so the rules are not needed, on the contrary they massively will spam warnings when launching suricate because of the disabled parsers.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org
config/suricata/suricata-default-rules.yaml | 2 -- 1 file changed, 2 deletions(-)
diff --git a/config/suricata/suricata-default-rules.yaml b/config/suricata/suricata-default-rules.yaml index 64493e462..d6c358add 100644 --- a/config/suricata/suricata-default-rules.yaml +++ b/config/suricata/suricata-default-rules.yaml @@ -5,13 +5,11 @@
- /usr/share/suricata/rules/app-layer-events.rules
- /usr/share/suricata/rules/decoder-events.rules
- /usr/share/suricata/rules/dhcp-events.rules
- /usr/share/suricata/rules/dnp3-events.rules
- /usr/share/suricata/rules/dns-events.rules
- /usr/share/suricata/rules/files.rules
- /usr/share/suricata/rules/http-events.rules
- /usr/share/suricata/rules/ipsec-events.rules
- /usr/share/suricata/rules/kerberos-events.rules
- /usr/share/suricata/rules/modbus-events.rules
- /usr/share/suricata/rules/nfs-events.rules
- /usr/share/suricata/rules/ntp-events.rules
- /usr/share/suricata/rules/smb-events.rules
-- 2.30.2