Project

General

Profile

Actions

Optimization #3372

closed

Suricata update downloads future versions

Added by Peter Manev almost 5 years ago. Updated almost 5 years ago.

Status:
Closed
Priority:
Normal
Target version:
-
Effort:
Difficulty:
Label:

Description

It is not critical but when compiling suricata git master with git SU it may give the end user the impression 5.0.1 is out - which is not the case as of the time of posting this ticket.

make[1]: Entering directory '/home/pevma/Work/Suricata/QA/tmp/suricata'
LD_LIBRARY_PATH=/opt/suritest/lib /opt/suritest/bin/suricata-update \
    --suricata /opt/suritest/bin/suricata \
    --suricata-conf /opt/suritest/etc/suricata/suricata.yaml \
    --no-test --no-reload
27/11/2019 -- 08:17:14 - <Info> -- Using data-directory /opt/suritest/var/lib/suricata.
27/11/2019 -- 08:17:14 - <Info> -- Using /opt/suritest/share/suricata/rules for Suricata provided rules.
27/11/2019 -- 08:17:14 - <Info> -- Found Suricata version 5.0.1-dev at /opt/suritest/bin/suricata.
27/11/2019 -- 08:17:14 - <Info> -- Loading /opt/suritest/etc/suricata/suricata.yaml
27/11/2019 -- 08:17:15 - <Info> -- Disabling rules with proto modbus
27/11/2019 -- 08:17:15 - <Info> -- Disabling rules with proto dnp3
27/11/2019 -- 08:17:15 - <Info> -- Disabling rules with proto enip
27/11/2019 -- 08:17:15 - <Info> -- No sources configured, will use Emerging Threats Open
27/11/2019 -- 08:17:15 - <Info> -- Checking https://rules.emergingthreats.net/open/suricata-5.0.1/emerging.rules.tar.gz.md5.
27/11/2019 -- 08:17:16 - <Info> -- Fetching https://rules.emergingthreats.net/open/suricata-5.0.1/emerging.rules.tar.gz.
 100% - 2497130/2497130               
27/11/2019 -- 08:17:20 - <Info> -- Done.

https://rules.emergingthreats.net/open/suricata-5.0.0/emerging.rules.tar.gz

staying with the latest stable might work better (or maybe "suricata-git"/"suricata-edge")

Related issues 1 (1 open0 closed)

Related to Suricata-Update - Feature #2784: rules index update - ssl blacklistsNewJason IshActions
Actions #1

Updated by Jason Ish almost 5 years ago

My first thought is that if the only issue is that the user "may get the impression" a new version is out, then we leave it as is.

The issue with fixing it is that we're adding special embedded behaviour for a specific ruleset. Personally I find it less confusing if "suricata -V" outputs 5.0.1dev, that I see 5.0.1 rules being requested vs some other version.

Related is adding version specifiers into the index: https://redmine.openinfosecfoundation.org/issues/2784

Actions #2

Updated by Peter Manev almost 5 years ago

I like the index version specifiers approach better than the hard coded one.

Actions #3

Updated by Shivani Bhardwaj almost 5 years ago

  • Related to Feature #2784: rules index update - ssl blacklists added
Actions #4

Updated by Shivani Bhardwaj almost 5 years ago

Is it OK to close this issue then, Peter?

Actions #5

Updated by Peter Manev almost 5 years ago

  • Status changed from New to Closed

Yes, sure.

Actions

Also available in: Atom PDF