Documentation #5473
closedTask #5472: tracking: upgrading from 7 to 8
doc: upgrade guide for upgrading from 6 to 7
Added by Victor Julien over 1 year ago. Updated 3 months ago.
Updated by Victor Julien over 1 year ago
- Target version changed from 7.0.0-beta1 to 7.0.0-rc1
Updated by Victor Julien over 1 year ago
- Assignee changed from Juliana Fajardini Reichow to OISF Dev
Updated by Victor Julien over 1 year ago
- Target version changed from 7.0.0-rc1 to 7.0.0-rc2
Updated by Shivani Bhardwaj about 1 year ago
- Assignee changed from OISF Dev to Shivani Bhardwaj
Updated by Shivani Bhardwaj about 1 year ago
So far, with default 6.0.x conf,
1. Running master w 6.0.x conf throws no errors.
2. Running s-v tests w 6.0.x conf only fails tests for features and items that were not implemented in 6.
Updated by Shivani Bhardwaj about 1 year ago
Just found out that protocol specific options have to be explicitly enabled in 6.0.x but not in master. For example,
smtp:
enabled: yes
raw-extraction: no
mime:
decode-mime: yes
decode-base64: yes
decode-quoted-printable: yes
If the above mime section does not exist in a suricata.yaml of 6.0.x, every setting would be set to false. This goes against the warnings that we currently generate for the behavior described in https://redmine.openinfosecfoundation.org/issues/4744 (according to which if a protocol section does not exist, it is auto enabled in 6.0.x but would be auto disabled starting 7.0.x)
Updated by Philippe Antoine 11 months ago
- Target version changed from 7.0.0-rc2 to 7.0.0
Updated by Juliana Fajardini Reichow 11 months ago
- Assignee changed from Shivani Bhardwaj to Andreas Herz
Updated by Juliana Fajardini Reichow 11 months ago
- Related to Task #5474: test: review how 7 works with config from 5 and 6 added
Updated by Juliana Fajardini Reichow 11 months ago
- Tracker changed from Task to Documentation
Updated by Andreas Herz 11 months ago
We should hint on those expected warnings and how the proper config change would look like:
: decode-erspan: ERSPAN Type I is no longer configurable and it is always enabled; ignoring configuration setting. W: runmodes: eve module 'ikev2' has been replaced by 'ike'
Updated by Victor Julien 10 months ago
- Target version changed from 7.0.0 to 7.0.1
What needs to be done here? In any case, it will have to go into 7.0.1.
Updated by Andreas Herz 10 months ago
We already have most covered in https://docs.suricata.io/en/latest/upgrade.html#upgrading-6-0-to-7-0 but I would do a last review based on the latest commits. I would also add the ERSPAN Type I thing, the ike part is already included in the guide.
I have no big objections against 7.0.1 but would still make sure all relevant upgrade notes are already in the docs for 7.0.0 that people might run into
Updated by Andreas Herz 10 months ago
Updated by Victor Julien 8 months ago
- Target version changed from 7.0.1 to 7.0.2
Updated by Victor Julien 7 months ago
- Target version changed from 7.0.2 to 7.0.3
Updated by Juliana Fajardini Reichow 3 months ago
Does the aforementioned PR close this ticket?
Updated by Philippe Antoine 3 months ago
- Status changed from Assigned to Closed
@Andreas Herz it looks like https://github.com/OISF/suricata/pull/9213 resolved this ticket, please correct if we are wrong