Message ID | 20190228142825.5153-20-michael.tremer@ipfire.org |
---|---|
State | Accepted |
Commit | 99d75ac72e66928f5218c222b0b3fd8fbfba179f |
Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.i.ipfire.org [172.28.1.200]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail01.ipfire.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by web07.i.ipfire.org (Postfix) with ESMTPS id C527788B0B9 for <patchwork@web07.i.ipfire.org>; Thu, 28 Feb 2019 14:30:15 +0000 (GMT) Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 449FMC2C89z5KgW0; Thu, 28 Feb 2019 14:30:15 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1551364215; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references:list-id:list-unsubscribe:list-subscribe:list-post; bh=0wYSPlywLJHqmHgHoKGOPC6mwET+Emud1iQ8M9sh3ic=; b=W8IP6DVLOFFn8+ObgqxZ9vzClm93dc7ztQlXkh+4/WIZtb1OoxhjVGQ9mYSZn6hW9BkUPH XP1XwZWy+fnDIxugA04qXEwSP/cLkTLVoMvK8sSZrqoL9bpEUwJSKdcPWskRmAIfR+thp9 r62hX1T34KAwoTfPzwdznwVp0rT2mvveiZrK5gxF7iKGeNpZGzCfEoMbhcPzN6SeNNJviL bnTij3dPgS6uTGbe35x1rG/9JhkMqAH3wifH3ItRgUlgv0+2R5/n2Csnbo1dU6mWP6KIP6 QOZcaOAX5Wd3yZA2ZXijoqdeTy2DJbpyWi9kS60Cj2zvFOt1nd/7+kcWKhjy9A== Received: from ipfire.tremer.co.uk (unknown [88.215.19.234]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 449FKc3N0pz5KvHY; Thu, 28 Feb 2019 14:28:52 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=201801; t=1551364132; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=0wYSPlywLJHqmHgHoKGOPC6mwET+Emud1iQ8M9sh3ic=; b=ioCJDQ5q4wt+vCFlyvZjalKFJFIX2EUIjS7iYyO+VgjAGrW7tRPdA8CYGgjMUoOooYBKoP 1AHSSf7/4kypFrfLcSfSEbXCNli5qAAo/lQ9auVXimHOTS0xMNZVoTnUCZlQNVcor5KPEz pxWGZkGdWZsfOFyuQr14Dv0lvWexHCl0Z7CdTqdhE8FnlpvUKhswAmi+DNyNlsqKtt9yYV POH1mXltyFsLxEqgv7h7eAfjkWEPUlMncmMBEQ0td4IWy2fmN4qXAErAhWFVv3uuxESuqF 2yPyZl1rKVua/Zv1sgAmurBFGZG31I5pqJ87j8IVkLZU7j+CS7LUpLj5kfBBvA== From: Michael Tremer <michael.tremer@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH 19/20] suricata: Start capture first and then load rules Date: Thu, 28 Feb 2019 14:28:24 +0000 Message-Id: <20190228142825.5153-20-michael.tremer@ipfire.org> X-Mailer: git-send-email 2.12.2 In-Reply-To: <20190228142825.5153-1-michael.tremer@ipfire.org> References: <20190228142825.5153-1-michael.tremer@ipfire.org> Authentication-Results: mail01.ipfire.org; auth=pass smtp.auth=ms smtp.mailfrom=michael.tremer@ipfire.org X-Spamd-Result: default: False [-8.78 / 11.00]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; REPLY(-4.00)[]; DKIM_SIGNED(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; MID_CONTAINS_FROM(1.00)[]; NEURAL_HAM(-2.68)[-0.894,0]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:31655, ipnet:88.215.0.0/18, country:GB]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%] X-Spam-Status: No, score=-8.78 X-Rspamd-Server: mail01.i.ipfire.org Cc: Michael Tremer <michael.tremer@ipfire.org> X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <https://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
Series |
Suricata Configuration Updates
|
|
Commit Message
Michael Tremer
1 Mar 2019, 1:28 a.m. UTC
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
config/suricata/suricata.yaml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml index cedf49589..f53905b55 100644 --- a/config/suricata/suricata.yaml +++ b/config/suricata/suricata.yaml @@ -608,9 +608,10 @@ detect: toserver-groups: 25 sgh-mpm-context: auto inspection-recursion-limit: 3000 + # If set to yes, the loading of signatures will be made after the capture # is started. This will limit the downtime in IPS mode. - #delayed-detect: yes + delayed-detect: yes prefilter: # default prefiltering setting. "mpm" only creates MPM/fast_pattern