From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4bm4SZ2XCBz30NY for ; Mon, 21 Jul 2025 15:43:58 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4bm4SZ2Gr9z2ybf for ; Mon, 21 Jul 2025 15:43:58 +0000 (UTC) Received: from people01.haj.ipfire.org (people01.haj.ipfire.org [172.28.1.161]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "people01.haj.ipfire.org", Issuer "E5" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4bm4SY4VKDzkM for ; Mon, 21 Jul 2025 15:43:57 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1753112637; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=I8wEMuEPO/QpVm+Bj4YaeGNRJTqZKxW0sD7L4VB7aCA=; b=VF6lvnhl40xMCoqh3ZpzOna1fdHgZ6i0Dc5az5EzuKgEBiuHrOH9Mjzg+CeXgUCCEpelXY 56dtxrlBz+rmXFAg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1753112637; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=I8wEMuEPO/QpVm+Bj4YaeGNRJTqZKxW0sD7L4VB7aCA=; b=Ds+NuNHGKv2/oGiPSYVxf0/9aZYAshO+muph6ISxVgofW56ea3+lje8E1Mc/yN5MSs5Ogb Az7y7of/NcvlhUiqeMfbr661v3VPeUlGhw2kDt02ktcwd2PxwS+ns+yzRlJFxF64cLQHLi UUTGlVKDdY6ymgYEcj+ZpfdNM7PRV5cX0cDGwbo8IHnH2Ve+APMtqw3yaeb1yrbA8nMq3V e3kXSC70vBB12eB3TEdTIKDACCiGLh1Ag4Hgh6qFZJGK8w60cwz5J7WyeVqhvlXA42lV6W h6DCsooTE1dvydUwc2tplR/bVcFhuy3muHIqJCpEZsDINiAQ6EOl4/+KyGtNPQ== Received: by people01.haj.ipfire.org (Postfix, from userid 1000) id 4bm4SY3PXJz2xcq; Mon, 21 Jul 2025 15:43:57 +0000 (UTC) To: ipfire-scm@lists.ipfire.org Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 3e945cb3f0644f9dae356b0cbe0ddf9e532497b1 X-Git-Refname: refs/heads/next X-Git-Reftype: branch X-Git-Oldrev: dab0e52df496e83e797a80ffb19ee863e086b1d1 X-Git-Newrev: 3e945cb3f0644f9dae356b0cbe0ddf9e532497b1 Message-Id: <4bm4SY3PXJz2xcq@people01.haj.ipfire.org> Date: Mon, 21 Jul 2025 15:43:57 +0000 (UTC) From: Michael Tremer Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via 3e945cb3f0644f9dae356b0cbe0ddf9e532497b1 (commit) via 38617a4acd4485be7b019a72e549d222ecba1ad6 (commit) from dab0e52df496e83e797a80ffb19ee863e086b1d1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 3e945cb3f0644f9dae356b0cbe0ddf9e532497b1 Author: Michael Tremer Date: Mon Jul 21 15:43:38 2025 +0000 core197: Ship Suricata's ruleset sources Signed-off-by: Michael Tremer commit 38617a4acd4485be7b019a72e549d222ecba1ad6 Author: Adolf Belka Date: Mon Jul 21 16:34:52 2025 +0200 ruleset-sources: Remove the abuse.ch SSL list from the suricata sources - The abuse.ch ssl suricata list has stopped being updated since 2025-06-25 - Looking at all of the abuse.ch lists, none of them are being updated anymore so abuse.ch becoming part of spamhaus looks to have stopped all work on free versions of the lists - This change modifies the abuse.ch entry so that it no longer can be installed but also if already installed it will remove it. - The patch has also made a few minor typo corrections in comments. Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer ----------------------------------------------------------------------- Summary of changes: config/rootfiles/core/197/filelists/files | 1 + config/suricata/ruleset-sources | 9 +++------ 2 files changed, 4 insertions(+), 6 deletions(-) Difference in files: diff --git a/config/rootfiles/core/197/filelists/files b/config/rootfiles/core/197/filelists/files index ba7fa34c41..cf1a0b3f9d 100644 --- a/config/rootfiles/core/197/filelists/files +++ b/config/rootfiles/core/197/filelists/files @@ -24,4 +24,5 @@ var/ipfire/menu.d/20-status.menu var/ipfire/menu.d/40-services.menu var/ipfire/main/manualpages var/ipfire/ovpn/collectd.vpn +var/ipfire/suricata/ruleset-sources var/ipfire/wireguard-functions.pl diff --git a/config/suricata/ruleset-sources b/config/suricata/ruleset-sources index 4e9ea5fa93..b843d3e499 100644 --- a/config/suricata/ruleset-sources +++ b/config/suricata/ruleset-sources @@ -27,7 +27,7 @@ our %Providers = ( dl_type => "archive", }, - # Ruleset for registered sourcefire users with a valid subsription. + # Ruleset for registered sourcefire users with a valid subscription. subscripted => { summary => "Talos VRT rules with subscription", website => "https://www.snort.org", @@ -47,7 +47,7 @@ our %Providers = ( dl_type => "archive", }, - # Emerging threads community rules. + # Emerging threats community rules. emerging => { summary => "Emergingthreats.net Community Rules", website => "https://emergingthreats.net/", @@ -57,7 +57,7 @@ our %Providers = ( dl_type => "archive", }, - # Emerging threads Pro rules. + # Emerging threats Pro rules. emerging_pro => { summary => "Emergingthreats.net Pro Rules", website => "https://emergingthreats.net/", @@ -72,9 +72,6 @@ our %Providers = ( summary => "Abuse.ch SSLBL Blacklist Rules", website => "https://sslbl.abuse.ch/", tr_string => "sslbl blacklist rules", - requires_subscription => "False", - dl_url => "https://sslbl.abuse.ch/blacklist/sslblacklist.rules", - dl_type => "plain", }, # Etnetera Aggressive Blacklist. hooks/post-receive -- IPFire 2.x development tree