teak the suricata table some and update the freebsd init script

init/freebsd

@@ -23,6 +23,7 @@ load_rc_config $name
 # set defaults
 : ${lilith_enable:=NO}
 : ${lilith_user:="root"}
+: ${lilith_wheel:="wheel"}
 : ${lilith_flags:=""}
 : ${lilith_facility:="daemon"}
 : ${lilith_priority:="debug"}
@@ -31,7 +32,7 @@ pidfile="/var/run/${name}/pid"
 command="/usr/local/bin/${name}"
 command_interpreter="/usr/local/bin/perl"
 pidfile="/var/run/${name}/pid"
-command_args="-a run --daemonize"
+command_args="-a run --daemonize --user ${lilith_user} --group ${lilith_group}"
 start_precmd="${name}_precmd"
 
 lilith_precmd()

lib/Lilith.pm

@@ -286,11 +286,11 @@ sub create_tables {
 			. 'flow_pkts_toclient integer, '
 			. 'flow_bytes_toclient integer, '
 			. 'flow_start TIMESTAMP WITH TIME ZONE, '
-			. 'classification varchar(1024) NOT NULL, '
-			. 'signature varchar(2048) NOT NULL,'
-			. 'gid int NOT NULL, '
-			. 'sid bigint NOT NULL, '
-			. 'rev bigint NOT NULL, '
+			. 'classification varchar(1024), '
+			. 'signature varchar(2048),'
+			. 'gid int, '
+			. 'sid bigint, '
+			. 'rev bigint, '
 			. 'raw json NOT NULL, '
 			. 'PRIMARY KEY(id) );' );
 	$sth->execute();