doc: add upgrade page

5 years ago · 1c27a99827
parent 697410cbbf
commit 1c27a99827
3 changed files with 58 additions and 0 deletions
--- a/doc/userguide/Makefile.am
+++ b/doc/userguide/Makefile.am
@ -8,6 +8,7 @@ EXTRA_DIST = \
 	configuration \
 	file-extraction \
 	index.rst \
+	upgrade.rst \
 	initscripts.rst \
 	install.rst \
 	licenses \
--- a/doc/userguide/index.rst
+++ b/doc/userguide/index.rst
@ -8,6 +8,7 @@ Suricata User Guide
   what-is-suricata
   quickstart
   install.rst
+   upgrade.rst
   command-line-options
   rules/index.rst
   rule-management/index.rst
--- a/doc/userguide/upgrade.rst
+++ b/doc/userguide/upgrade.rst
@ -0,0 +1,56 @@
+Upgrading
+=========
+
+General instructions
+--------------------
+
+Suricata can be upgraded by simply installing the new version to the same
+locations as the already installed version. When installing from source,
+this means passing the same ``--prefix``, ``--sysconfdir``,
+``--localstatedir`` and ``--datadir`` options to ``configure``.
+
+::
+
+    $ suricata --build-info|grep -A 3 '\-\-prefix'
+        --prefix                                 /usr
+        --sysconfdir                             /etc
+        --localstatedir                          /var
+        --datarootdir                            /usr/share
+
+
+Configuration Updates
+~~~~~~~~~~~~~~~~~~~~~
+
+New versions of Suricata will occationally include updated config files:
+``classification.config`` and ``reference.config``. Since the Suricata
+installation will not overwrite these if they exist, they should be manually
+updated. If there are no local modifications they can simply be overwritten
+by the ones Suricata supplies.
+
+Major updates include new features, new default settings and often also
+remove features.
+
+
+Upgrading 4.1 to 5.0
+--------------------
+
+Major changes
+~~~~~~~~~~~~~
+- New protocols enabled by default: snmp (new config only)
+- New protocols disabled by default: rdp, sip
+- New defaults for protocols: nfs, smb, tftp, krb5 ntp are all enabled
+  by default (new config only)
+- VXLAN decoder enabled by default. To disable, set
+  ``decoder.vxlan.enabled`` to ``false``.
+- HTTP LZMA support enabled by default. To disable, set ``lzma-enabled``
+  to ``false`` in each of the ``libhtp`` configurations in use.
+- classification.config updated. ET 5.0 ruleset will use this.
+- decoder event counters use 'decoder.event' as prefix now. This can
+  be controlled using the ``stats.decoder-events-prefix`` setting.
+
+Removals
+~~~~~~~~
+- ``dns-log``, the text dns log. Use EVE.dns instead.
+- ``file-log``, the non-EVE JSON file log. Use EVE.files instead.
+
+See https://suricata-ids.org/about/deprecation-policy/