isMTv/suricata.service Secret

## suricata.service
# cat > /etc/systemd/system/suricata.service << EOF
[Unit]
Description=Suricata IDS/IDP daemon
After=network.target network-online.target
Requires=network-online.target
Documentation=man:suricata(8) man:suricatasc(8)
Documentation=https://suricata-ids.org/docs/

[Service]
Type=forking
#Environment=LD_PRELOAD=/usr/lib/libtcmalloc_minimal.so.4
PIDFile=/run/suricata.pid
ExecStart=/usr/bin/suricata -D --af-packet -c /etc/suricata/suricata.yaml --pidfile /run/suricata.pid
ExecReload=/usr/bin/suricatasc -c reload-rules ; /bin/kill -HUP $MAINPID
ExecStop=/usr/bin/suricatasc -c shutdown
Restart=on-failure
ProtectSystem=full
ProtectHome=true

[Install]
WantedBy=multi-user.target
EOF
	# cat > /etc/systemd/system/suricata.service << EOF
	[Unit]
	Description=Suricata IDS/IDP daemon
	After=network.target network-online.target
	Requires=network-online.target
	Documentation=man:suricata(8) man:suricatasc(8)
	Documentation=https://suricata-ids.org/docs/

	[Service]
	Type=forking
	#Environment=LD_PRELOAD=/usr/lib/libtcmalloc_minimal.so.4
	PIDFile=/run/suricata.pid
	ExecStart=/usr/bin/suricata -D --af-packet -c /etc/suricata/suricata.yaml --pidfile /run/suricata.pid
	ExecReload=/usr/bin/suricatasc -c reload-rules ; /bin/kill -HUP $MAINPID
	ExecStop=/usr/bin/suricatasc -c shutdown
	Restart=on-failure
	ProtectSystem=full
	ProtectHome=true

	[Install]
	WantedBy=multi-user.target
	EOF