In the CU188 notes it mentioned disabling noisy Suricata rules. Then we found out that actually had not happened. No mention in the CU189 notes. So do we know if Suricata default rules are disabled in CU189?
Thanks!
Yes they are disabled since Core Update 188.
This was fixed in the updater back then as well.
2 Likes
You can easily check by looking in
/var/ipfire/suricata/suricata-used-rulesfiles.yaml
and you will find that those rules are no longer listed, only the ones that you have selected in your ruleset providers rules.
2 Likes