From patchwork Tue Dec 10 13:23:55 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 8316 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4Y6zw66WdBz3wxp for ; Tue, 10 Dec 2024 13:24:06 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E6" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4Y6zw33LgfzrD; Tue, 10 Dec 2024 13:24:03 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4Y6zw30x2pz333Y; Tue, 10 Dec 2024 13:24:03 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4Y6zw02kVyz30Mt for ; Tue, 10 Dec 2024 13:24:00 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4Y6zvz2d3Jz97; Tue, 10 Dec 2024 13:23:59 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1733837039; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=s979ZCFzORSLL0gO436I4x95WAS9kdAWGLS4IHN7Omw=; b=kmWeUWBTQPETvtewqqwwP0WI38iq+H858cRDaWpSkyzqDob1dimDa/tjy2mGW7MDmwh0W3 FbAng06+1X+VEyBQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1733837039; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=s979ZCFzORSLL0gO436I4x95WAS9kdAWGLS4IHN7Omw=; b=snxHq4R57RJSDbiCl8mW3t8NT76wqIpBXMxMWCd2X1bu/DG4+QjBAH1PIK609NZ0am0w2g zcO1pBqSfKwJeF8TvhlRxnbvpFT+BTEOU0sXIbKacSki4JTSzD6HIqVHqzR21591BeEO7k Y5yOLPSLjUGX/he2YgGF2JQHGpbQZFt4j+MGiCJRJfYpYUThJmg7m0kfvKfwu5XiSokXE0 aFXmi6do1BTDtmhwB4AxVFy5SiwkM/L9aMzcDgPQxCnF0eWnQ+Yv1Yn4KPGnOcs9QBIII6 wXvM7DsLsPVLd7x/mduk9YCQuNoZFXUpNpc+CYo/Pk7ExFL4+nQnOUpzLgAqZA== From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH] suricata.yaml: Fix bug13646 - Adjust the include syntax to use array format Date: Tue, 10 Dec 2024 14:23:55 +0100 Message-ID: <20241210132355.3397037-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Message-ID-Hash: UJ27WTZRNXCEJSB5INO5ZT5INSBCYM5I X-Message-ID-Hash: UJ27WTZRNXCEJSB5INO5ZT5INSBCYM5I X-MailFrom: adolf.belka@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: - Suricata-8.x will only accept include statements in array format and not in multiple single lines. Suricata-7.x still accepts the multiple single lines but flags up that the format is deprecated and will be removed in suricata-8.x - This patch adjusts the address-groups include into the array format. - This change has been tested out on my vm and the IPS started up and from the logs you can see that all the include files were taken on board and the derprecation message is no longer shown. - This change can be implemented with Suricata-7.x and will make sure that IPFire has the include syntax that Suricata-8.x will require. Fixes: Bug13646 Tested-by: Adolf Belka Signed-off-by: Adolf Belka Reviewed-by: Michael Tremer --- config/suricata/suricata.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml index faa1aa71d..443b8e19e 100644 --- a/config/suricata/suricata.yaml +++ b/config/suricata/suricata.yaml @@ -8,11 +8,11 @@ vars: address-groups: - # Include HOME_NET declaration from external file. - include: /var/ipfire/suricata/suricata-homenet.yaml - - # Include DNS_SERVERS declaration from external file. - include: /var/ipfire/suricata/suricata-dns-servers.yaml + include: + # Include HOME_NET declaration from external file. + - /var/ipfire/suricata/suricata-homenet.yaml + # Include DNS_SERVERS declaration from external file. + - /var/ipfire/suricata/suricata-dns-servers.yaml EXTERNAL_NET: "any"