bpfire/config/suricata/ruleset-sources

package IDS::Ruleset;

# Table of the supported IDS ruleset providers.
#
# Every provider is one entry of %Providers. Its handle is the hash key and
# the value is a hash reference with the following fields:
#
#   handle => {
#       summary               => Short summary of the service. Also shown if no
#                                translation string is available for the WUI.
#       website               => Website of the ruleset provider.
#       tr_string             => Translation string used by the WUI; part of
#                                the language files.
#       requires_subscription => "True" / "False" - whether some kind of
#                                registration code is required in order to
#                                download the ruleset.
#       dl_url                => Download URL to grab the ruleset.
#       dl_type               => "archive" / "file" - whether the download is
#                                a packed archive or a plain text file.
#   },
#
# Notes for code that consumes this table:
#
# * requires_subscription holds a *string*. Both "True" and "False" are true
#   in Perl boolean context, so it has to be compared with eq, never tested
#   as a bare condition.
# * <subscription_code> is a placeholder; the code that substitutes it is not
#   part of this file. Once substituted, the URL itself carries the user's
#   secret (query string for snort.org, path segment for
#   emergingthreatspro.com), so the expanded URL should be kept out of logs,
#   error messages and the WUI.
# * Every dl_url uses https and the table has no checksum or signature field,
#   so the integrity of a downloaded ruleset rests on TLS certificate
#   verification by the downloader - presumably enabled; confirm there.
# * The snapshot number (29161) and the "suricata-5.0" path segment are
#   pinned in the URLs below and have to be maintained by hand.
our %Providers = (

    # Talos VRT ruleset for registered users.
    registered => {
        summary               => 'Talos VRT rules for registered users',
        website               => 'https://www.snort.org',
        tr_string             => 'registered user rules',
        requires_subscription => 'True',
        dl_url                => 'https://www.snort.org/rules/snortrules-snapshot-29161.tar.gz?oinkcode=<subscription_code>',
        dl_type               => 'archive',
    },

    # Talos VRT ruleset for registered users with a valid subscription.
    # Same dl_url as "registered"; which rules are delivered presumably
    # depends on the oinkcode supplied - confirm with the provider.
    subscripted => {
        summary               => 'Talos VRT rules with subscription',
        website               => 'https://www.snort.org',
        tr_string             => 'subscripted user rules',
        requires_subscription => 'True',
        dl_url                => 'https://www.snort.org/rules/snortrules-snapshot-29161.tar.gz?oinkcode=<subscription_code>',
        dl_type               => 'archive',
    },

    # Snort/VRT community rules; no registration code needed.
    community => {
        summary               => 'Snort/VRT GPLv2 Community Rules',
        website               => 'https://www.snort.org',
        tr_string             => 'community rules',
        requires_subscription => 'False',
        dl_url                => 'https://www.snort.org/rules/community',
        dl_type               => 'archive',
    },

    # Emerging Threats community rules; no registration code needed.
    emerging => {
        summary               => 'Emergingthreats.net Community Rules',
        website               => 'https://emergingthreats.net/',
        tr_string             => 'emerging rules',
        requires_subscription => 'False',
        dl_url                => 'https://rules.emergingthreats.net/open/suricata-5.0/emerging.rules.tar.gz',
        dl_type               => 'archive',
    },

    # Emerging Threats Pro rules. The subscription code is a path segment of
    # the download URL here, not a query parameter.
    emerging_pro => {
        summary               => 'Emergingthreats.net Pro Rules',
        website               => 'https://emergingthreats.net/',
        tr_string             => 'emerging pro rules',
        requires_subscription => 'True',
        dl_url                => 'https://rules.emergingthreatspro.com/<subscription_code>/suricata-5.0/etpro.rules.tar.gz',
        dl_type               => 'archive',
    },
);