Feature #2864
closedSuricata-update merging local rules without trying to fetch rules from sources outside (offline mode)
Description
Suricata-update merging local rules without trying to fetch rules from sources
Updated by Victor Julien about 6 years ago
- Priority changed from High to Normal
Can you explain what you mean? It's not clear to me what you're requesting.
Updated by Darren pierre about 6 years ago
Victor Julien wrote:
Can you explain what you mean? It's not clear to me what you're requesting.
Is there some way I can use suricata-update just for merging rules from my local machine without suricata-update trying to fetch rules from a url?
Updated by Jason Ish about 6 years ago
Like an offload mode? Use what it has cached instead of reaching out for an update? This is not an option now, but probably should be.
Updated by Darren pierre about 6 years ago
Jason Ish wrote:
Like an offload mode? Use what it has cached instead of reaching out for an update? This is not an option now, but probably should be.
yes some sort of offload mode , uses what it has cached locally and merges all the rules files specified into a new suricata.rules or specified rules file .Do you have any some kind of work around solution for this?
Updated by Jason Ish about 6 years ago
- Subject changed from Suricata-update merging local rules without trying to fetch rules from sources outside to Suricata-update merging local rules without trying to fetch rules from sources outside (offline mode)
Oops. Meant to say offline mode.
Anyways, no. After it does go online once there is a 15 minute period where it will not. So repeated updates won't go online. But a code change will be required.
Updated by Shivani Bhardwaj over 5 years ago
- Status changed from New to Resolved