4 files changed, 24 insertions, 1 deletions

diff --git a/meta-security/recipes-security/suricata/files/emerging.rules.tar.gz b/meta-security/recipes-security/suricata/files/emerging.rules.tar.gz
new file mode 100644
index 000000000..aed375474
--- /dev/null
+++ b/meta-security/recipes-security/suricata/files/emerging.rules.tar.gz
diff --git a/meta-security/recipes-security/suricata/files/run-ptest b/meta-security/recipes-security/suricata/files/run-ptest
new file mode 100644
index 000000000..666ba9c95
--- /dev/null
+++ b/meta-security/recipes-security/suricata/files/run-ptest
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+suricata -u
diff --git a/meta-security/recipes-security/suricata/files/suricata.service b/meta-security/recipes-security/suricata/files/suricata.service
new file mode 100644
index 000000000..a99a76ef8
--- /dev/null
+++ b/meta-security/recipes-security/suricata/files/suricata.service
@@ -0,0 +1,20 @@
+[Unit]
+Description=Suricata IDS/IDP daemon
+After=network.target
+Requires=network.target
+Documentation=man:suricata(8) man:suricatasc(8)
+Documentation=https://redmine.openinfosecfoundation.org/projects/suricata/wiki
+
+[Service]
+Type=simple
+CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_RAW
+RestrictAddressFamilies=
+ExecStart=/usr/bin/suricata -c /etc/suricata/suricata.yaml eth0
+ExecReload=/bin/kill -HUP $MAINPID
+PrivateTmp=yes
+ProtectHome=yes
+ProtectSystem=yes
+
+[Install]
+WantedBy=multi-user.target
+
diff --git a/meta-security/recipes-security/suricata/files/suricata.yaml b/meta-security/recipes-security/suricata/files/suricata.yaml
index 90417b03d..8d06a2744 100644
--- a/meta-security/recipes-security/suricata/files/suricata.yaml
+++ b/meta-security/recipes-security/suricata/files/suricata.yaml
@@ -787,7 +787,7 @@ logging:
       enabled: no
       filename: /var/log/suricata.log
   - syslog:
-      enabled: no
+      enabled: yes
       facility: local5
       format: "[%i] <%d> -- "