From 198305fc57718f14ea0660a419792965964cb1cc Mon Sep 17 00:00:00 2001
From: listbot
Date: Tue, 12 May 2020 10:41:32 +0000
Subject: [PATCH] listbot integration
---
 docker/elk/logstash/Dockerfile | 4 ++--
 docker/elk/logstash/dist/update.sh | 10 +++++-----
 docker/suricata/dist/capture-filter.bpf | 5 ++---
 3 files changed, 9 insertions(+), 10 deletions(-)
diff --git a/docker/elk/logstash/Dockerfile b/docker/elk/logstash/Dockerfile
index 246930a9..5f54ce56 100644
--- a/docker/elk/logstash/Dockerfile
+++ b/docker/elk/logstash/Dockerfile
@@ -18,8 +18,8 @@ RUN sed -i 's/dl-cdn/dl-2/g' /etc/apk/repositories && \
 # Get and install packages
 mkdir -p /etc/listbot && \
 cd /etc/listbot && \
- aria2c -s16 -x 16 http://80.158.38.137/cve.yaml.bz2 && \
- aria2c -s16 -x 16 http://80.158.38.137/iprep.yaml.bz2 && \
+ aria2c -s16 -x 16 https://listbot.sicherheitstacho.eu/cve.yaml.bz2 && \
+ aria2c -s16 -x 16 https://listbot.sicherheitstacho.eu/iprep.yaml.bz2 && \
 bunzip2 *.bz2 && \
 cd /root/dist/ && \
 mkdir -p /usr/share/logstash/ && \
diff --git a/docker/elk/logstash/dist/update.sh b/docker/elk/logstash/dist/update.sh
index efa706dd..9427262a 100644
--- a/docker/elk/logstash/dist/update.sh
+++ b/docker/elk/logstash/dist/update.sh
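Review bot: The two `aria2c` downloads in docker/elk/logstash/Dockerfile unpack `cve.yaml.bz2` and `iprep.yaml.bz2` into /etc/listbot with no integrity check beyond the TLS session, so the image trusts whatever the feed host serves at build time. If the feed publishes a digest or a detached signature, verify it before the `bunzip2` step (aria2c accepts `--checksum=sha-256=<digest>`); otherwise add a comment above the downloads stating that TLS is the only control. The same pair of downloads appears in the docker/elk/logstash/dist/update.sh hunk, which by its messages runs before Logstash starts. The RUN instruction begins and ends outside the hunk, so whether CA certificates are installed for the https fetch should be confirmed against the package list above it.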
@@ -22,15 +22,15 @@ for i in $mySITES;
 }
 # Check for connectivity and download latest translation maps
-myCHECK=$(fuCHECKINET "80.158.38.137")
+myCHECK=$(fuCHECKINET "listbot.sicherheitstacho.eu")
 if [ "$myCHECK" == "0" ]; then
- echo "Connection to Github looks good, now downloading latest translation maps."
+ echo "Connection to Listbot looks good, now downloading latest translation maps."
 cd /etc/listbot
- aria2c -s16 -x 16 http://80.158.38.137/cve.yaml.bz2 && \
- aria2c -s16 -x 16 http://80.158.38.137/iprep.yaml.bz2 && \
+ aria2c -s16 -x 16 https://listbot.sicherheitstacho.eu/cve.yaml.bz2 && \
+ aria2c -s16 -x 16 https://listbot.sicherheitstacho.eu/iprep.yaml.bz2 && \
 bunzip2 -f *.bz2
 cd /
 else
- echo "Cannot reach Github, starting Logstash without latest translation maps."
+ echo "Cannot reach Listbot, starting Logstash without latest translation maps."
 fi
diff --git a/docker/suricata/dist/capture-filter.bpf b/docker/suricata/dist/capture-filter.bpf
index 73aa9ce4..d43d7d6e 100644
--- a/docker/suricata/dist/capture-filter.bpf
+++ b/docker/suricata/dist/capture-filter.bpf
@@ -1,4 +1,3 @@
-not (host sicherheitstacho.eu or community.sicherheitstacho.eu) and
+not (host sicherheitstacho.eu or community.sicherheitstacho.eu or listbot.sicherheitstacho.eu) and
 not (host deb.debian.org) and
-not (host index.docker.io or docker.io) and
-not (host 80.158.38.137)
+not (host index.docker.io or docker.io)
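Review bot: In docker/elk/logstash/dist/update.sh the `cd /etc/listbot` ahead of the downloads is unchecked, so if it fails the two `aria2c` fetches and `bunzip2 -f *.bz2` run in whatever directory the script started in and force-overwrite files there. Chain it into the existing list as `cd /etc/listbot && \`, and name the archives instead of globbing: `bunzip2 -f cve.yaml.bz2 iprep.yaml.bz2`. fuCHECKINET is defined above the hunk; if it probes the bare hostname without a scheme, the reachability test may exercise plain HTTP while the downloads need HTTPS, which is worth confirming.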
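Review bot: The filter in docker/suricata/dist/capture-filter.bpf now excludes the feed host by name only, and libpcap resolves a name in a `host` primitive once, when the filter is compiled. If listbot.sicherheitstacho.eu later resolves to a different address the exclusion silently stops matching, and a failed lookup at start-up can make the filter fail to compile. Every address the name resolves to is also invisible to the sensor, so the reason for the exclusion belongs in the commit description, and the resolution behaviour should be confirmed for the deployment.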