Feature #2659

open

Define the output rules file name.

Added by Joel Samaroo about 6 years ago. Updated about 2 years ago.

Status: Feedback
Priority: Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

This issue is to track the ability to define the output rules file name from user input, so that the output file name isn’t always suricata.rules.


Related issues: 1 (0 open, 1 closed)

Related to Suricata-Update - Bug #4215: Documented "--merged" option doesn't exist (Closed, Jason Ish)

#1

Updated by Joel Samaroo about 6 years ago

Created pull request #61 for the solution to be merged into master code:

sample output and expected behavior:

$ suricata-update --local ~/suricata_test/jsamaroo-custom.rules --disable-conf ~/suricata_test/disable -o ~/suricata_test/ -r jsamaroo-custom.rules
7/11/2018 -- 03:46:44 - <Warning> -- No suricata application binary found on path.
7/11/2018 -- 03:46:44 - <Info> -- Using default Suricata version of 4.0.0
7/11/2018 -- 03:46:44 - <Info> -- Loading /home/jsamaroo/suricata_test/disable.
7/11/2018 -- 03:46:44 - <Info> -- Setting output rule filename to jsamaroo-custom.rules
7/11/2018 -- 03:46:44 - <Warning> -- Cache directory does not exist and could not be created. /var/tmp will be used instead.
7/11/2018 -- 03:46:44 - <Info> -- No sources configured, will use Emerging Threats Open
7/11/2018 -- 03:46:44 - <Info> -- Checking https://rules.emergingthreats.net/open/suricata-4.0.0/emerging.rules.tar.gz.md5.
7/11/2018 -- 03:46:44 - <Info> -- Remote checksum has not changed. Not fetching.
7/11/2018 -- 03:46:44 - <Info> -- Loading local file /home/jsamaroo/suricata_test/jsamaroo-custom.rules
7/11/2018 -- 03:46:44 - <Warning> -- No distribution rule directory found.
7/11/2018 -- 03:46:44 - <Info> -- Ignoring file rules/emerging-deleted.rules
7/11/2018 -- 03:46:52 - <Info> -- Loaded 47514 rules.
7/11/2018 -- 03:46:52 - <Info> -- Disabled 1 rules.
7/11/2018 -- 03:46:52 - <Info> -- Enabled 0 rules.
7/11/2018 -- 03:46:52 - <Info> -- Modified 0 rules.
7/11/2018 -- 03:46:52 - <Info> -- Dropped 0 rules.
7/11/2018 -- 03:46:52 - <Info> -- Enabled 0 rules for flowbit dependencies.
7/11/2018 -- 03:46:52 - <Info> -- Backing up current rules.
7/11/2018 -- 03:46:57 - <Info> -- Writing rules to /home/jsamaroo/suricata_test/jsamaroo-custom.rules: total: 23757; enabled: 18856; added: 0; removed 0; modified: 1
7/11/2018 -- 03:46:58 - <Info> -- No suricata application binary found, skipping test.
7/11/2018 -- 03:46:58 - <Info> -- Done.

#2

Updated by Joel Samaroo about 6 years ago

Removed ‘-r’ flag and added logic to check whether no-merge option was provided and if so would print an error and exit, since the --output-rule-filename would have no effect. A new PR was submitted in GitHub to track this as #79.
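The check described in the update above, written out as an added example; it is not code from suricata-update or from either pull request. The parser, the function names and the default output directory are assumptions, and the rejection of file names that contain path components goes beyond what the thread describes.

```python
import argparse
import os

DEFAULT_RULE_FILENAME = "suricata.rules"


def build_parser():
    # Option names follow the thread; the parser itself is a stand-in.
    p = argparse.ArgumentParser(prog="rules-output-demo")
    p.add_argument("-o", "--output", default="/var/lib/suricata/rules",
                   help="directory the rules are written to (assumed default)")
    p.add_argument("--output-rule-filename", default=None,
                   help="name of the merged rule file")
    p.add_argument("--no-merge", action="store_true",
                   help="write one file per source instead of a merged file")
    return p


def resolve_output_path(argv):
    """Return the merged rule file path, or None when --no-merge is set."""
    parser = build_parser()
    args = parser.parse_args(argv)
    name = args.output_rule_filename

    if args.no_merge:
        if name is not None:
            # The name only applies to the merged file, so fail loudly
            # (parser.error prints the message and exits with status 2).
            parser.error("--output-rule-filename has no effect with --no-merge")
        return None

    name = DEFAULT_RULE_FILENAME if name is None else name
    # Accept a bare file name only: no separators and no "." or "..",
    # so the result cannot land outside the output directory.
    if name in ("", ".", "..") or os.path.basename(name) != name or "\\" in name:
        parser.error("output rule filename must be a plain file name: %r" % name)
    return os.path.join(os.path.expanduser(args.output), name)
```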

#3

Updated by Shivani Bhardwaj almost 6 years ago

  • Status changed from New to Feedback
  • Target version set to TBD
  • Effort deleted (low)
  • Difficulty deleted (low)

#5

Updated by Jason Ish about 4 years ago

  • Related to Bug #4215: Documented "--merged" option doesn't exist added