| Message ID | 20220623060319.2661-1-stefan.schantl@ipfire.org |
|---|---|
| State | Accepted |
| Commit | b77b41a579982fd6ee524f1c8ee45fea03bb9b76 |
| Headers |
Return-Path: <development-bounces@lists.ipfire.org> Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4LT8nX4mYmz3wcT for <patchwork@web04.haj.ipfire.org>; Thu, 23 Jun 2022 06:03:28 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4LT8nW3jmsz2n7; Thu, 23 Jun 2022 06:03:27 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4LT8nW2ddjz2yjS; Thu, 23 Jun 2022 06:03:27 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4LT8nT4lVyz2xyS for <development@lists.ipfire.org>; Thu, 23 Jun 2022 06:03:25 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4LT8nT0sdNz2n1; Thu, 23 Jun 2022 06:03:25 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1655964205; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=X/56bC6vVmN3Mnb6h4GZuJeuazmnrAaLntJ37KiLAR0=; b=QuZ7qC/yy/yX7fK44xK+xKt+TCISKEyE/jX312ZWKBmaeSCwr6ew32vjv0+TtRZVnjeqya sAvhOp752OUge7Cg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1655964205; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=X/56bC6vVmN3Mnb6h4GZuJeuazmnrAaLntJ37KiLAR0=; b=H4eCAWX3V0kbIIRw6KnvIKQIwSAz8/SFlj4u3JnML2zSiKDKxKKkeuJ4PFrIigUPH9HzuB iXe+FMfDvAOQR/FeOA/66DDCjNc+MJVyiKYTLCbgJ/z2CuPkXThuEJkg5FIFf4mwejJXYG NL3ErV5yTPrHrYY5xVGAOIviQ+pJ5D0BeZu+Tgf5x89SZpsydPcwgrRpvQOQRn2Z+Aqq4Z mwQH179o+bv+SM1SSJmw93B+A5WEeTKx7TJhd5Cp5QOKmR8N6q2pR8Wh77XsLvpQT688cY 00CRhZrbGfsatJqmzaDTPSu6Z/yMJU4gDpK0j3ONIJPgDb5IxS0eX6OpkwIu/Q== From: Stefan Schantl <stefan.schantl@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] ruleset-sources: Update download URL for Talos rulesets. Date: Thu, 23 Jun 2022 08:03:19 +0200 Message-Id: <20220623060319.2661-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk <development.lists.ipfire.org> List-Unsubscribe: <https://lists.ipfire.org/mailman/options/development>, <mailto:development-request@lists.ipfire.org?subject=unsubscribe> List-Archive: <http://lists.ipfire.org/pipermail/development/> List-Post: <mailto:development@lists.ipfire.org> List-Help: <mailto:development-request@lists.ipfire.org?subject=help> List-Subscribe: <https://lists.ipfire.org/mailman/listinfo/development>, <mailto:development-request@lists.ipfire.org?subject=subscribe> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org> |
| Series |
ruleset-sources: Update download URL for Talos rulesets.
|
|
Commit Message
Stefan Schantl
June 23, 2022, 6:03 a.m. UTC
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
config/suricata/ruleset-sources | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Comments
Hello Stefan, thank you for submitting this. Does this patch urgently need to go into Core Update 169? While there is still an issue left to solve with the update, I would rather abstain from packing any patch that now comes up into it as well... Apart from that: Reviewed-by: Peter Müller <peter.mueller@ipfire.org> Thanks, and best regards, Peter Müller > Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> > --- > config/suricata/ruleset-sources | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/config/suricata/ruleset-sources b/config/suricata/ruleset-sources > index 1d2c6e98b..592cbedf0 100644 > --- a/config/suricata/ruleset-sources > +++ b/config/suricata/ruleset-sources > @@ -23,7 +23,7 @@ our %Providers = ( > website => "https://www.snort.org", > tr_string => "registered user rules", > requires_subscription => "True", > - dl_url => "https://www.snort.org/rules/snortrules-snapshot-29190.tar.gz?oinkcode=<subscription_code>", > + dl_url => "https://www.snort.org/rules/snortrules-snapshot-29200.tar.gz?oinkcode=<subscription_code>", > dl_type => "archive", > }, > > @@ -33,7 +33,7 @@ our %Providers = ( > website => "https://www.snort.org", > tr_string => "subscripted user rules", > requires_subscription => "True", > - dl_url => "https://www.snort.org/rules/snortrules-snapshot-29190.tar.gz?oinkcode=<subscription_code>", > + dl_url => "https://www.snort.org/rules/snortrules-snapshot-29200.tar.gz?oinkcode=<subscription_code>", > dl_type => "archive", > }, >
I don’t quite understand why we can’t ship this. > On 23 Jun 2022, at 11:30, Peter Müller <peter.mueller@ipfire.org> wrote: > > Hello Stefan, > > thank you for submitting this. > > Does this patch urgently need to go into Core Update 169? While there is still an > issue left to solve with the update, I would rather abstain from packing any patch > that now comes up into it as well... > > Apart from that: > > Reviewed-by: Peter Müller <peter.mueller@ipfire.org> > > Thanks, and best regards, > Peter Müller > > >> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> >> --- >> config/suricata/ruleset-sources | 4 ++-- >> 1 file changed, 2 insertions(+), 2 deletions(-) >> >> diff --git a/config/suricata/ruleset-sources b/config/suricata/ruleset-sources >> index 1d2c6e98b..592cbedf0 100644 >> --- a/config/suricata/ruleset-sources >> +++ b/config/suricata/ruleset-sources >> @@ -23,7 +23,7 @@ our %Providers = ( >> website => "https://www.snort.org", >> tr_string => "registered user rules", >> requires_subscription => "True", >> - dl_url => "https://www.snort.org/rules/snortrules-snapshot-29190.tar.gz?oinkcode=<subscription_code>", >> + dl_url => "https://www.snort.org/rules/snortrules-snapshot-29200.tar.gz?oinkcode=<subscription_code>", >> dl_type => "archive", >> }, >> >> @@ -33,7 +33,7 @@ our %Providers = ( >> website => "https://www.snort.org", >> tr_string => "subscripted user rules", >> requires_subscription => "True", >> - dl_url => "https://www.snort.org/rules/snortrules-snapshot-29190.tar.gz?oinkcode=<subscription_code>", >> + dl_url => "https://www.snort.org/rules/snortrules-snapshot-29200.tar.gz?oinkcode=<subscription_code>", >> dl_type => "archive", >> }, >>
Hello Peter, if possible it would we great to ship this with core 169. It is simply a minor change and allows those who are using the rulesets from Talos to get the latest rules again. Best regards, -Stefan > Hello Stefan, > > thank you for submitting this. > > Does this patch urgently need to go into Core Update 169? While there > is still an > issue left to solve with the update, I would rather abstain from > packing any patch > that now comes up into it as well... > > Apart from that: > > Reviewed-by: Peter Müller <peter.mueller@ipfire.org> > > Thanks, and best regards, > Peter Müller > > > > Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> > > --- > > config/suricata/ruleset-sources | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > > diff --git a/config/suricata/ruleset-sources > > b/config/suricata/ruleset-sources > > index 1d2c6e98b..592cbedf0 100644 > > --- a/config/suricata/ruleset-sources > > +++ b/config/suricata/ruleset-sources > > @@ -23,7 +23,7 @@ our %Providers = ( > > website => "https://www.snort.org", > > tr_string => "registered user rules", > > requires_subscription => "True", > > - dl_url => > > "https://www.snort.org/rules/snortrules-snapshot-29190.tar.gz?oinkcode= > > <subscription_code>", > > + dl_url => > > "https://www.snort.org/rules/snortrules-snapshot-29200.tar.gz?oinkcode= > > <subscription_code>", > > dl_type => "archive", > > }, > > > > @@ -33,7 +33,7 @@ our %Providers = ( > > website => "https://www.snort.org", > > tr_string => "subscripted user rules", > > requires_subscription => "True", > > - dl_url => > > "https://www.snort.org/rules/snortrules-snapshot-29190.tar.gz?oinkcode= > > <subscription_code>", > > + dl_url => > > "https://www.snort.org/rules/snortrules-snapshot-29200.tar.gz?oinkcode= > > <subscription_code>", > > dl_type => "archive", > > }, > >
Hello Stefan, thanks for your reply. Michael already explained the nature of this patch to me, and it is included wit C169: https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=b77b41a579982fd6ee524f1c8ee45fea03bb9b76 Thanks for your follow-up and elaboration though. :-) All the best, Peter Müller > Hello Peter, > > if possible it would we great to ship this with core 169. It is simply > a minor change and allows those who are using the rulesets from Talos > to get the latest rules again. > > Best regards, > > -Stefan >> Hello Stefan, >> >> thank you for submitting this. >> >> Does this patch urgently need to go into Core Update 169? While there >> is still an >> issue left to solve with the update, I would rather abstain from >> packing any patch >> that now comes up into it as well... >> >> Apart from that: >> >> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> >> >> Thanks, and best regards, >> Peter Müller >> >> >>> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> >>> --- >>> config/suricata/ruleset-sources | 4 ++-- >>> 1 file changed, 2 insertions(+), 2 deletions(-) >>> >>> diff --git a/config/suricata/ruleset-sources >>> b/config/suricata/ruleset-sources >>> index 1d2c6e98b..592cbedf0 100644 >>> --- a/config/suricata/ruleset-sources >>> +++ b/config/suricata/ruleset-sources >>> @@ -23,7 +23,7 @@ our %Providers = ( >>> website => "https://www.snort.org", >>> tr_string => "registered user rules", >>> requires_subscription => "True", >>> - dl_url => >>> "https://www.snort.org/rules/snortrules-snapshot-29190.tar.gz?oinkcode= >>> <subscription_code>", >>> + dl_url => >>> "https://www.snort.org/rules/snortrules-snapshot-29200.tar.gz?oinkcode= >>> <subscription_code>", >>> dl_type => "archive", >>> }, >>> >>> @@ -33,7 +33,7 @@ our %Providers = ( >>> website => "https://www.snort.org", >>> tr_string => "subscripted user rules", >>> requires_subscription => "True", >>> - dl_url => >>> "https://www.snort.org/rules/snortrules-snapshot-29190.tar.gz?oinkcode= >>> <subscription_code>", >>> + dl_url => >>> "https://www.snort.org/rules/snortrules-snapshot-29200.tar.gz?oinkcode= >>> <subscription_code>", >>> dl_type => "archive", >>> }, >>> >
diff --git a/config/suricata/ruleset-sources b/config/suricata/ruleset-sources index 1d2c6e98b..592cbedf0 100644 --- a/config/suricata/ruleset-sources +++ b/config/suricata/ruleset-sources @@ -23,7 +23,7 @@ our %Providers = ( website => "https://www.snort.org", tr_string => "registered user rules", requires_subscription => "True", - dl_url => "https://www.snort.org/rules/snortrules-snapshot-29190.tar.gz?oinkcode=<subscription_code>", + dl_url => "https://www.snort.org/rules/snortrules-snapshot-29200.tar.gz?oinkcode=<subscription_code>", dl_type => "archive", }, @@ -33,7 +33,7 @@ our %Providers = ( website => "https://www.snort.org", tr_string => "subscripted user rules", requires_subscription => "True", - dl_url => "https://www.snort.org/rules/snortrules-snapshot-29190.tar.gz?oinkcode=<subscription_code>", + dl_url => "https://www.snort.org/rules/snortrules-snapshot-29200.tar.gz?oinkcode=<subscription_code>", dl_type => "archive", },