On 3 May 2017 at 18:33, Michael Biebl <bi...@debian.org> wrote: > [dropping debian-user from CC] > > Am 03.05.2017 um 17:39 schrieb Arturo Borrero Gonzalez: >> On 3 May 2017 at 12:36, Michael Biebl <bi...@debian.org> wrote: >>> Am 03.05.2017 um 11:11 schrieb Hans: >>>> Hello all, > >>> systemctl enable suricata.service >>> >>> will do the trick. That should be done by the package though. >> >> This conflicts with what was reported in #850889 [0]. >> >> I think both arguments are valid: >> >> 1) any suricata deployment is likely to require manual configuration >> before proper service. Auto-start makes no sense. >> 2) yes, we are debian, we like things running out of the box >> >> So, I'm unsure what path to follow. >> >> In any case, a fix is not landing in stretch at this point. We should >> wait for the stretch stable release. >> >> Comments/discussion welcome. >> >> [0] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861732 > > So, if I understand you correctly, suricata comes unconfigured > out-of-the-box? What does suricata do, it it is started anyway? >
No, suricata comes pre-configured to run out of the box. You can run suricata with the basic configuration we ship in the package. The software is ready to run. But it requires rules (like a firewall) and the user setting some variables in order to let suricata know about the network environment, among other things. This is documented in our wiki [0]. Take into account that the user here is likely a system/network administrator. Someone who is supposed to know what is doing by installing suricata. [0] https://wiki.debian.org/suricata#Suricata_running_configuration
