-
Notifications
You must be signed in to change notification settings - Fork 3.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
snort3: add missing config include and general cleanup #22830
Conversation
What are the general guidelines that suggest a bump for PKG_RELEASE? I've read through the dev guidelines a couple times, and I can't find a mention of it (should this be in the wiki, if so let me know and I'll add it). |
37a958d
to
c29f544
Compare
@efahl - I have two suggestions:
|
@graysky2 , re no.1 yeah, I considered removing both of those files, but didn't want to break the manual setup. But now that you mention it, if someone already has a manual setup, then those files will be retained by |
That's perfect. Again, if the default package is using your new code, it should not be providing legacy files IMO. |
For no.2, YOW 30 seconds! I just ran Could you do a quick test? Edit
Then run
Immediately undo the edit to snort.uc, otherwise you'll have no rules next time you restart... |
Yes, when I swapped out my primary |
I too didn't see anything in the snort CLI that would work here... perhaps your strategy to not pass along the rules is good one. That way it is just the config that is checked for sanity. |
I'm thinking that the '-v' would do all the rules, and without it, just check a rule-less config. I'll give that a try and see how it works out. I expect most of the rules people use are downloaded and have already been checked, so no real loss. |
No, the |
Right, I'm modifying the check function so
Does that seem reasonable? |
Perfect! Ping the PR when you force push so I can test. |
Ping! Should all be there. |
Oops, had to merge with the version update from a couple days ago. |
Works as expected.
|
Looks good. Recommend merge. @graysky2, are you going to submit a pull request to co-maintain snort3? |
Michael invited me to co-maintain[1]. 1. openwrt#22830 (comment) Signed-off-by: John Audia <therealgraysky@proton.me>
Michael invited me to co-maintain[1]. 1. #22830 (comment) Signed-off-by: John Audia <therealgraysky@proton.me>
Looks good. Recommend merge as well. |
- Delete legacy configuration files homenet.lua and local.lua - Add snort config 'include' to allow user customizations in the lua - Enhance 'check' to test generated nftables file - Suppress inclusion of rules file when doing silent config check - Suppress warnings on configuration check unless '-v'erbose - Replace text logging with json logging to reduce footprint and make reports easier - Fix some typos in the snort.uc template - Fix up some error messages suggesting solutions Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
Michael invited me to co-maintain[1]. 1. openwrt#22830 (comment) Signed-off-by: John Audia <therealgraysky@proton.me>
Maintainer: @flyn-org
Compile tested:
Run tested: x86/64
Description: