suricata: Perform ruleset update every 12 hours.
Commit Message
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
config/cron/crontab | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Comments
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
> ---
> config/cron/crontab | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/config/cron/crontab b/config/cron/crontab
> index d61d26619..c42104626 100644
> --- a/config/cron/crontab
> +++ b/config/cron/crontab
> @@ -62,8 +62,8 @@ HOME=/
> # Update location database
> %hourly,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-location-database >/dev/null 2>&1
>
> -# Update surciata rules.
> -%daily,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1
> +# Perform a surciata rules update every 12 hours.
> +@ 12h [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1
>
> # Retry sending spooled mails regularly
> %hourly * /usr/sbin/dma -q
Hello Stefan,
What happens to firewalls that do not run 24/7?
Will this job be performed after 12 hours have passed no matter how long? So let’s say I shut down a system for a day, would the job run immediately?
-Michael
> On 8 May 2022, at 14:23, Stefan Schantl <stefan.schantl@ipfire.org> wrote:
>
> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
> ---
> config/cron/crontab | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/config/cron/crontab b/config/cron/crontab
> index d61d26619..c42104626 100644
> --- a/config/cron/crontab
> +++ b/config/cron/crontab
> @@ -62,8 +62,8 @@ HOME=/
> # Update location database
> %hourly,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-location-database >/dev/null 2>&1
>
> -# Update surciata rules.
> -%daily,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1
> +# Perform a surciata rules update every 12 hours.
> +@ 12h [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1
>
> # Retry sending spooled mails regularly
> %hourly * /usr/sbin/dma -q
> --
> 2.30.2
>
@@ -62,8 +62,8 @@ HOME=/
# Update location database
%hourly,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-location-database >/dev/null 2>&1
-# Update surciata rules.
-%daily,random * [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1
+# Perform a surciata rules update every 12 hours.
+@ 12h [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1
# Retry sending spooled mails regularly
%hourly * /usr/sbin/dma -q