As discussed on 16.07.2018, we are planning to move to Suricata IDS in IPFire 2.x for various reasons.
Open questions (forgive me if it had slipped my mind):
- Should we drop oinkmaster and move to etupdate?
- Good default configuration for Suricata (I can do some research)
- Should we let Guardian handle the IPS function or use Suricata's built-in (I prefer the first)?
(In reply to Peter Müller from comment #1)
> Open questions (forgive me if it had slipped my mind):
> - Should we drop oinkmaster and move to etupdate?

We will stay with oinkmaster in IPFire 2.

> - Good default configuration for Suricata (I can do some research)

Please do.

> - Should we let Guardian handle the IPS function or use Suricata's built-in
> (I prefer the first)?

I guess guardian has a nice UI now and it would be a waste to throw that away. However, it might be a good idea to think about a better integration with suricata instead of parsing logfiles.
Suricata has been shipped with IPFire 2.23 - Core 131, so this bug and all related ones can be closed as fixed.