From 576d218cd9334beaaad706d96bbfba096dd7f7a3 Mon Sep 17 00:00:00 2001 From: m0duspwnens Date: Fri, 6 Sep 2024 08:10:59 -0400 Subject: [PATCH] dont restart suricata during setup. retry rule reload for 3 minutes --- salt/suricata/tools/sbin/so-suricata-reload-rules | 4 ++-- setup/so-setup | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/salt/suricata/tools/sbin/so-suricata-reload-rules b/salt/suricata/tools/sbin/so-suricata-reload-rules index 099cd2f7c..e09474b6e 100644 --- a/salt/suricata/tools/sbin/so-suricata-reload-rules +++ b/salt/suricata/tools/sbin/so-suricata-reload-rules @@ -7,5 +7,5 @@ . /usr/sbin/so-common -retry 40 3 'docker exec -it so-suricata /opt/suricata/bin/suricatasc -c reload-rules /var/run/suricata/suricata-command.socket' '{"message": "done", "return": "OK"}' -retry 40 3 'docker exec -it so-suricata /opt/suricata/bin/suricatasc -c ruleset-reload-nonblocking /var/run/suricata/suricata-command.socket' '{"message": "done", "return": "OK"}' +retry 60 3 'docker exec -it so-suricata /opt/suricata/bin/suricatasc -c reload-rules /var/run/suricata/suricata-command.socket' '{"message": "done", "return": "OK"}' || fail "The Suricata container was not ready in time." +retry 60 3 'docker exec -it so-suricata /opt/suricata/bin/suricatasc -c ruleset-reload-nonblocking /var/run/suricata/suricata-command.socket' '{"message": "done", "return": "OK"}' || fail "The Suricata container was not ready in time." diff --git a/setup/so-setup b/setup/so-setup index bd8a8c6ba..cb4e7ebf0 100755 --- a/setup/so-setup +++ b/setup/so-setup @@ -759,8 +759,8 @@ if ! [[ -f $install_opt_file ]]; then title "Downloading IDS Rules" logCmd "so-rule-update" if [[ $monints || $is_import ]]; then - title "Restarting Suricata to pick up the new rules" - logCmd "so-suricata-restart" + title "Applying the Suricata state to load the new rules" + logCmd "salt-call state.apply suricata -l info" fi fi title "Setting up Kibana Default Space"