about suricata rule update status

Started by Vincent Chen, June 24, 2025, 05:58:41 AM

Hello, everyone

I just turned on my Suricata IPS and found it useful. Currently I drop traffic from the following rules,
and a lot of DNS garbage traffic disappeared.

ET DROP Dshield Block Listed Source group *
ET DROP Spamhaus DROP Listed Traffic Inbound group *

What I am curious about is whether Suricata will receive Dshield and Spamhaus list updates frequently.
I googled around and found that some similar rules on GitHub are very old.

Thanks,

OPNsense rules change at times; they are refreshed from those sites.
The rules update if you do a manual rule update and install.
Or you can set up automatic rule updates.
Note: OPNsense runs Suricata rules and not Snort.
They are not compatible; they don't have the same engine.
Your own rules can be entered manually.
If it's a simple rule or temporary, you can use user-defined rules.

Thank you very much for your reply.

If I set up automatic rule updates every day, I can
receive the newest Dshield and Spamhaus block lists
on a daily basis?

If that is the case, these two lists should
be good and reliable block lists to use.