On Mon, 8 May 2017 14:11:19 +0200 Arturo Borrero Gonzalez <[email protected]> wrote: > On 3 May 2017 at 19:58, Michael Biebl <[email protected]> wrote: > > > > If it doesn't open up any security hole, then I don't see a reason to > > not enable suricata upon installation. >
BTW, any idea on how to solve the issue about choosing a default interface name? The suricata config file points to a NIC and our current config file points by default to 'eth0', but many systems may not have it available. If we try to start suricata pointing to a non-existent interface this will fail. If we auto-start suricata after installing it with aptitude and it fails, the package may be considered installed failed. We could probably enable (but don't auto-start) the service at package install time. Comments?

