From e88d8c9a13c12769dc2420a02de073f3f4627214 Mon Sep 17 00:00:00 2001
From: bmeeks8
Date: Thu, 24 Apr 2014 15:07:08 -0400
Subject: Implement blocking function support in Suricata pkg GUI.
---
 config/suricata/suricata_yaml_template.inc | 8 ++++++++
 1 file changed, 8 insertions(+)
(limited to 'config/suricata/suricata_yaml_template.inc')
diff --git a/config/suricata/suricata_yaml_template.inc b/config/suricata/suricata_yaml_template.inc
index 07ada36e..4a2f7c85 100644
--- a/config/suricata/suricata_yaml_template.inc
+++ b/config/suricata/suricata_yaml_template.inc
@@ -29,6 +29,14 @@ default-log-dir: {$suricatalogdir}suricata_{$if_real}{$suricata_uuid}
 # Configure the type of alert (and other) logging.
 outputs:
+ # alert_pf blocking plugin
+ - alert-pf:
+ enabled: {$suri_blockoffenders}
+ kill-state: {$suri_killstates}
+ pass-list: {$suri_passlist}
+ block-ip: {$suri_blockip}
+ pf-table: {$suri_pf_table}
+
 # a line based alerts log similar to Snort's fast.log
 - fast:
 enabled: yes
--
cgit v1.2.3
From 66d1a76e5f20e655a7343909c382cb8098709d1e Mon Sep 17 00:00:00 2001
From: bmeeks8
Date: Sun, 27 Apr 2014 15:17:33 -0400
Subject: Fix path to the magic.mgc file for file capture function.
---
 config/suricata/suricata_yaml_template.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'config/suricata/suricata_yaml_template.inc')
diff --git a/config/suricata/suricata_yaml_template.inc b/config/suricata/suricata_yaml_template.inc
index 4a2f7c85..4ced9059 100644
--- a/config/suricata/suricata_yaml_template.inc
+++ b/config/suricata/suricata_yaml_template.inc
@@ -107,7 +107,7 @@ outputs:
 force-md5: {$json_log_md5}
 # Magic file. The extension .mgc is added to the value here.
-magic-file: {$suricatacfgdir}/magic
+magic-file: /usr/share/misc/magic
 # Specify a threshold config file
 threshold-file: {$suricatacfgdir}/threshold.config
--
cgit v1.2.3
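Review bot: The five `{$suri_*}` values in the new `alert-pf` block (first patch, `@@ -29,6 +29,14 @@`) are substituted into the YAML unquoted, and nothing in the hunk says what each one may contain. The variables are assigned outside this hunk, so it cannot be seen here whether they are validated; if `$suri_passlist` or `$suri_pf_table` can be empty or carry a character YAML treats specially, the generated file would presumably either fail to parse or start the blocking output without a usable pass list. I would quote the two string values, `pass-list: "{$suri_passlist}"` and `pf-table: "{$suri_pf_table}"`, and put a comment above the block listing the accepted values for `enabled`, `kill-state` and `block-ip`.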
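Review bot: `magic-file` in the second patch (`@@ -107,7 +107,7 @@`) is now the literal `/usr/share/misc/magic`, while the neighbouring `threshold-file` is still built from `{$suricatacfgdir}`, and the hunk gives no reason for the difference. A comment on the line would keep a later cleanup from folding it back under the config directory, for example `# magic database is read from the system location, not the Suricata config dir`. Whether the generator checks that the `.mgc` file exists at that path before file capture is enabled is not visible from this hunk; if it does not, that check is worth adding where the template is rendered.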