Project

General

Profile

Actions
Copy link

Bug #15033

closed

Suricata rule lists can't be manually updated unless the ETOpen Emerging Threats list is enabled

Added by Chris W almost 2 years ago. Updated almost 2 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Suricata
Target version:
-
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
23.09
Affected Architecture:
All

Description

To reproduce on a system that's never had Suricata installed before:
- Install it, enable an interface and start the service.
- Go to Suricata's Global Settings. Enable Snort GPLv2 Community rules, Feodo Tracker, and/or Abuse.ch lists.
- Save

On the Updates tab, both the Update and Force buttons now can't be clicked on, and that section of the page says "WARNING: No rule types have been selected for download. Visit the Global Settings Tab to select rule types".

Then go back to Global Settings and enable the ETOpen list. Back at Updates, the buttons are now usable and the warning is gone. Then clicking Update or Force updates all rule lists successfully. Didn't try anything with ETPro or Snort registered rules because I don't have a subscription. Rebooting with ETOpen unselected does not make a difference.

Suricata version is 7.0.2_1

Files

Download all files
ETOpen-unselected.png (205 KB) ETOpen-unselected.png Chris W, 11/26/2023 02:08 AM
buttons-unavailable.png (78 KB) buttons-unavailable.png ETOpen unselected Chris W, 11/26/2023 02:08 AM
buttons-available.png (69.2 KB) buttons-available.png ETOpen selected Chris W, 11/26/2023 02:09 AM
Actions
Copy link

Also available in: Atom PDF