SELKS | Suricata | update the rulesets

You can use the web interface to do that, but I had some issues doing so. It’s better (and much faster) to run this:

/bin/su -s /bin/bash -c 'cd /usr/share/python/scirius/ && . bin/activate && python bin/manage.py updatesuricata && deactivate' www-data

You can check your success by inspecting /etc/suricata/rules/scirius.rules
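
One way to script the inspection described above, as an added example that is not from the original post: a shell check that the rules file is non-empty, was modified recently, contains active rules and has no duplicate sid among them. The function names and the 10-minute freshness window are assumptions; pass the rules file path as the argument.

```shell
#!/bin/sh
# Added example (not from the original post): sanity-check a Suricata
# rules file after running the update command.

# Suricata rule actions that start an active rule line.
ACTION_RE='(alert|drop|pass|reject(src|dst|both)?)'

# Number of active (uncommented) rules in file $1.
count_active() {
    grep -cE "^[[:space:]]*${ACTION_RE}[[:space:]]" "$1" || true
}

# Number of rules that are present but commented out.
count_disabled() {
    grep -cE "^[[:space:]]*#[[:space:]]*${ACTION_RE}[[:space:]]" "$1" || true
}

# Print every sid used by more than one active rule.
duplicate_sids() {
    grep -E "^[[:space:]]*${ACTION_RE}[[:space:]]" "$1" |
        grep -oE 'sid:[[:space:]]*[0-9]+' | tr -d ' \t' | sort | uniq -d
}

# True if file $1 was modified less than $2 minutes ago (GNU/BSD find).
updated_within() {
    [ -n "$(find "$1" -mmin "-$2" 2>/dev/null)" ]
}

# Full check: returns non-zero if the file looks wrong after an update.
check_rules() {
    file=$1
    [ -s "$file" ] || { echo "missing or empty: $file"; return 1; }
    active=$(count_active "$file")
    disabled=$(count_disabled "$file")
    dups=$(duplicate_sids "$file")
    echo "active=$active disabled=$disabled"
    updated_within "$file" 10 ||
        echo "warning: $file not modified in the last 10 minutes"
    [ "$active" -gt 0 ] || { echo "no active rules"; return 1; }
    [ -z "$dups" ] || { echo "duplicate sids: $dups"; return 1; }
}

# Run the check only when a path is given on the command line.
[ $# -eq 0 ] || check_rules "$1"
```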

To check the plausibility/validity of your rules, it’s better to reload them via the GUI, which may report problems with them.
