Project

General

Profile

Actions
Copy link

Feature #2659

open

Define the output rules file name.

Added by Joel Samaroo almost 6 years ago. Updated almost 2 years ago.

Status:
Feedback
Priority:
Normal
Assignee:
Joel Samaroo
Target version:
TBD
Effort:
Difficulty:
Label:

Description

This issue is to track the ability to define the output rules file name from user input, so that the output file name isn’t always suricata.rules.

Related issues 1 (0 open1 closed)

Related to Suricata-Update - Bug #4215: Documented "--merged" option doesn't existClosedJason IshActions
Actions
Copy link
 #1

Updated by Joel Samaroo almost 6 years ago

Created pull request #61 for the solution to be merged into master code:

sample output and expected behavior:

$ suricata-update --local ~/suricata_test/jsamaroo-custom.rules --disable-conf ~/suricata_test/disable o ~/suricata_test/ -r jsamaroo-custom.rules
7/11/2018 - 03:46:44 - <Warning> -- No suricata application binary found on path.
7/11/2018 -- 03:46:44 - <Info> -- Using default Suricata version of 4.0.0
7/11/2018 -- 03:46:44 - <Info> -- Loading /home/jsamaroo/suricata_test/disable. * 7/11/2018 -- 03:46:44 - <Info> -- Setting output rule filename to jsamaroo-custom.rules*
7/11/2018 -- 03:46:44 - <Warning> -- Cache directory does not exist and could not be created. /var/tmp will be used instead.
7/11/2018 -- 03:46:44 - <Info> -- No sources configured, will use Emerging Threats Open
7/11/2018 -- 03:46:44 - <Info> -- Checking https://rules.emergingthreats.net/open/suricata-4.0.0/emerging.rules.tar.gz.md5.
7/11/2018 -- 03:46:44 - <Info> -- Remote checksum has not changed. Not fetching.
7/11/2018 -- 03:46:44 - <Info> -- Loading local file /home/jsamaroo/suricata_test/jsamaroo-custom.rules
7/11/2018 -- 03:46:44 - <Warning> -- No distribution rule directory found.
7/11/2018 -- 03:46:44 - <Info> -- Ignoring file rules/emerging-deleted.rules
7/11/2018 -- 03:46:52 - <Info> -- Loaded 47514 rules.
7/11/2018 -- 03:46:52 - <Info> -- Disabled 1 rules.
7/11/2018 -- 03:46:52 - <Info> -- Enabled 0 rules.
7/11/2018 -- 03:46:52 - <Info> -- Modified 0 rules.
7/11/2018 -- 03:46:52 - <Info> -- Dropped 0 rules.
7/11/2018 -- 03:46:52 - <Info> -- Enabled 0 rules for flowbit dependencies.
7/11/2018 -- 03:46:52 - <Info> -- Backing up current rules. * 7/11/2018 -- 03:46:57 - <Info> -- Writing rules to /home/jsamaroo/suricata_test/jsamaroo-custom.rules: total: 23757; enabled: 18856; added: 0; removed 0; modified: 1*
7/11/2018 -- 03:46:58 - <Info> -- No suricata application binary found, skipping test.
7/11/2018 -- 03:46:58 - <Info> -- Done.

Actions
Copy link
 #2

Updated by Joel Samaroo almost 6 years ago

Removed ‘-r’ flag and added logic to check whether no-merge option was provided and if so would print an error and exit, since the —output-rule-filename would have no effect. A new PR was submitted in github to track this as #79.

Actions
Copy link
 #3

Updated by Shivani Bhardwaj over 5 years ago

  • Status changed from New to Feedback
  • Target version set to TBD
  • Effort deleted (low)
  • Difficulty deleted (low)
Actions
Copy link
 #5

Updated by Jason Ish almost 4 years ago

  • Related to Bug #4215: Documented "--merged" option doesn't exist added
Actions
Copy link

Also available in: Atom PDF