Bug 12166

Summary:	DNS resolvers should be placed in DNS_SERVERS in suricata.yaml
Product:	IPFire	Reporter:	Peter Müller <peter.mueller>
Component:	---	Assignee:	Stefan Schantl <stefan.schantl>
Status:	CLOSED FIXED	QA Contact:	Peter Müller <peter.mueller>
Severity:	Security
Priority:	Will affect most users	CC:	arne.fitzenreiter, michael.tremer
Version:	2	Keywords:	Security
Hardware:	all
OS:	All
See Also:	https://bugzilla.ipfire.org/show_bug.cgi?id=12260
Bug Depends on:
Bug Blocks:	12052

Description Peter Müller 2019-09-05 17:33:05 UTC

DNS_SERVERS contains a list of all DNS servers we have in place, so the DNS resolvers of a IPFire installations should be added there, too.

Comment 1 Peter Müller 2019-10-28 15:28:58 UTC

Since observing DNS traffic from or to the resolvers as such might have security implications, I am changing the priority of this.

Comment 2 Michael Tremer 2019-10-28 15:52:52 UTC

Yes I agree. Stefan, please make this a priority.

Comment 3 Stefan Schantl 2019-11-05 09:33:34 UTC

Patchset has been sent to the development mailing list:

https://patchwork.ipfire.org/patch/2573/
https://patchwork.ipfire.org/patch/2574/
https://patchwork.ipfire.org/patch/2575/
https://patchwork.ipfire.org/patch/2576/
https://patchwork.ipfire.org/patch/2577/

Comment 4 Stefan Schantl 2019-11-05 09:34:55 UTC

In order to ship this changes by a core update the changed files needs to be shipped and the red.up suricata script needs to be launched .

Comment 5 Peter Müller 2019-12-11 20:18:41 UTC

https://blog.ipfire.org/post/ipfire-2-23-core-update-139-is-available-for-testing

Comment 6 Peter Müller 2020-01-22 21:09:12 UTC

https://blog.ipfire.org/post/ipfire-2-23-core-update-139-released