stupidpupil/suricata.service

## suricata.service
[Unit]
Description=Suricata IDS/IDP daemon
After=network.target
Requires=network.target
Documentation=man:suricata(8) man:suricatasc(8)
Documentation=https://redmine.openinfosecfoundation.org/projects/suricata/wiki

[Service]
Type=forking
Environment=LD_PREDLOAD=/usr/lib/libtcmalloc_minimal.so.4
Environment=CFG=/etc/suricata/suricata.yaml PID=/var/run/suricata.pid
CapabilityBoundingSet=CAP_NET_ADMIN
PIDFile=/var/run/suricata.pid
ExecStart=/usr/bin/suricata -D -q 0 -q 1 -c $CFG --pidfile $PID -D
ExecReload=/bin/kill -HUP $MAINPID
ExecStop=/bin/kill $MAINPID
PrivateTmp=yes
InaccessibleDirectories=/home /root
ReadOnlyDirectories=/boot /usr /etc

[Install]
WantedBy=multi-user.target
	[Unit]
	Description=Suricata IDS/IDP daemon
	After=network.target
	Requires=network.target
	Documentation=man:suricata(8) man:suricatasc(8)
	Documentation=https://redmine.openinfosecfoundation.org/projects/suricata/wiki

	[Service]
	Type=forking
	Environment=LD_PREDLOAD=/usr/lib/libtcmalloc_minimal.so.4
	Environment=CFG=/etc/suricata/suricata.yaml PID=/var/run/suricata.pid
	CapabilityBoundingSet=CAP_NET_ADMIN
	PIDFile=/var/run/suricata.pid
	ExecStart=/usr/bin/suricata -D -q 0 -q 1 -c $CFG --pidfile $PID -D
	ExecReload=/bin/kill -HUP $MAINPID
	ExecStop=/bin/kill $MAINPID
	PrivateTmp=yes
	InaccessibleDirectories=/home /root
	ReadOnlyDirectories=/boot /usr /etc

	[Install]
	WantedBy=multi-user.target