diff options
Diffstat (limited to 'config/suricata/suricata_check_for_rule_updates.php')
| -rw-r--r-- | config/suricata/suricata_check_for_rule_updates.php | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/config/suricata/suricata_check_for_rule_updates.php b/config/suricata/suricata_check_for_rule_updates.php index 0fa4fb2d..67334957 100644 --- a/config/suricata/suricata_check_for_rule_updates.php +++ b/config/suricata/suricata_check_for_rule_updates.php @@ -196,9 +196,11 @@ function suricata_download_file_url($url, $file_out) { } curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); - curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Win64; x64; Trident/6.0)"); - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); - curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); + curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 Chrome/43.0.2357.65 Safari/537.36"); + curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, "TLSv1.2, TLSv1"); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); + curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, true); + curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 15); curl_setopt($ch, CURLOPT_TIMEOUT, 0); // Use the system proxy server setttings if configured @@ -604,6 +606,12 @@ if ($snortcommunityrules == 'on') { } } +// If removing deprecated rules categories, then do it +if ($config['installedpackages']['suricata']['config'][0]['hide_deprecated_rules'] == "on") { + log_error(gettext("[Suricata] Hide Deprecated Rules is enabled. Removing obsoleted rules categories.")); + suricata_remove_dead_rules(); +} + function suricata_apply_customizations($suricatacfg, $if_real) { global $vrt_enabled, $rebuild_rules; |