From d0885624067d40da7f6ff26c6be66fc39ab73d12 Mon Sep 17 00:00:00 2001
From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Thu, 16 Dec 2021 20:04:41 +0100
Subject: [PATCH] suricata: Do not load rules for dnp3 and modbus.

The parsers for those are disabled in the suricata config so
the rules are not needed, on the contrary they massively will spam
warnings when launching suricate because of the disabled parsers.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
---
 config/suricata/suricata-default-rules.yaml | 2 --
 1 file changed, 2 deletions(-)

diff --git a/config/suricata/suricata-default-rules.yaml b/config/suricata/suricata-default-rules.yaml
index 64493e462..d6c358add 100644
--- a/config/suricata/suricata-default-rules.yaml
+++ b/config/suricata/suricata-default-rules.yaml
@@ -5,13 +5,11 @@
  - /usr/share/suricata/rules/app-layer-events.rules
  - /usr/share/suricata/rules/decoder-events.rules
  - /usr/share/suricata/rules/dhcp-events.rules
- - /usr/share/suricata/rules/dnp3-events.rules
  - /usr/share/suricata/rules/dns-events.rules
  - /usr/share/suricata/rules/files.rules
  - /usr/share/suricata/rules/http-events.rules
  - /usr/share/suricata/rules/ipsec-events.rules
  - /usr/share/suricata/rules/kerberos-events.rules
- - /usr/share/suricata/rules/modbus-events.rules
  - /usr/share/suricata/rules/nfs-events.rules
  - /usr/share/suricata/rules/ntp-events.rules
  - /usr/share/suricata/rules/smb-events.rules