suricata: Do not load rules for dnp3 and modbus.
Commit Message
The parsers for those are disabled in the suricata config so
the rules are not needed, on the contrary they massively will spam
warnings when launching suricate because of the disabled parsers.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
config/suricata/suricata-default-rules.yaml | 2 --
1 file changed, 2 deletions(-)
Comments
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
This makes a lot of sense. Thank you.
> On 16 Dec 2021, at 20:23, Stefan Schantl <stefan.schantl@ipfire.org> wrote:
>
> The parsers for those are disabled in the suricata config so
> the rules are not needed, on the contrary they massively will spam
> warnings when launching suricate because of the disabled parsers.
>
> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
> ---
> config/suricata/suricata-default-rules.yaml | 2 --
> 1 file changed, 2 deletions(-)
>
> diff --git a/config/suricata/suricata-default-rules.yaml b/config/suricata/suricata-default-rules.yaml
> index 64493e462..d6c358add 100644
> --- a/config/suricata/suricata-default-rules.yaml
> +++ b/config/suricata/suricata-default-rules.yaml
> @@ -5,13 +5,11 @@
> - /usr/share/suricata/rules/app-layer-events.rules
> - /usr/share/suricata/rules/decoder-events.rules
> - /usr/share/suricata/rules/dhcp-events.rules
> - - /usr/share/suricata/rules/dnp3-events.rules
> - /usr/share/suricata/rules/dns-events.rules
> - /usr/share/suricata/rules/files.rules
> - /usr/share/suricata/rules/http-events.rules
> - /usr/share/suricata/rules/ipsec-events.rules
> - /usr/share/suricata/rules/kerberos-events.rules
> - - /usr/share/suricata/rules/modbus-events.rules
> - /usr/share/suricata/rules/nfs-events.rules
> - /usr/share/suricata/rules/ntp-events.rules
> - /usr/share/suricata/rules/smb-events.rules
> --
> 2.30.2
>
@@ -5,13 +5,11 @@
- /usr/share/suricata/rules/app-layer-events.rules
- /usr/share/suricata/rules/decoder-events.rules
- /usr/share/suricata/rules/dhcp-events.rules
- - /usr/share/suricata/rules/dnp3-events.rules
- /usr/share/suricata/rules/dns-events.rules
- /usr/share/suricata/rules/files.rules
- /usr/share/suricata/rules/http-events.rules
- /usr/share/suricata/rules/ipsec-events.rules
- /usr/share/suricata/rules/kerberos-events.rules
- - /usr/share/suricata/rules/modbus-events.rules
- /usr/share/suricata/rules/nfs-events.rules
- /usr/share/suricata/rules/ntp-events.rules
- /usr/share/suricata/rules/smb-events.rules