Actions
Bug #1417
closedno rules loaded - latest git - rev e250040
Affected Versions:
Effort:
Difficulty:
Label:
Description
After an upgrade from the today's git commits (rev e250040) - no rules (rule files) are loaded from suricata.yaml at all.
This ERR is present instead:
(detect.c:411) <Warning> (SigLoadSignatures) -- [ERRCODE: SC_ERR_INVALID_ARGUMENT(13)] - Invalid rule-files configuration section: expected a list of filenames.
However suricata dump config shows that the rule files are specified:
suricata --dump-config -c /etc/suricata/suricata.yaml |grep rule default-rule-path = /etc/suricata/rules rule-files = (null) rule-files.0 = botcc.rules rule-files.1 = ciarmy.rules rule-files.2 = compromised.rules rule-files.3 = drop.rules rule-files.4 = dshield.rules rule-files.5 = emerging-activex.rules rule-files.6 = emerging-attack_response.rules rule-files.7 = emerging-chat.rules rule-files.8 = emerging-current_events.rules rule-files.9 = emerging-dns.rules rule-files.10 = emerging-dos.rules rule-files.11 = emerging-exploit.rules rule-files.12 = emerging-ftp.rules rule-files.13 = emerging-games.rules rule-files.14 = emerging-icmp_info.rules rule-files.15 = emerging-imap.rules rule-files.16 = emerging-inappropriate.rules rule-files.17 = emerging-malware.rules rule-files.18 = emerging-misc.rules ....
Updated by Jason Ish almost 10 years ago
- Status changed from New to Resolved
Fixed by https://github.com/inliniac/suricata/pull/1380
Sorry, must have missed the updates to conf-yaml-loader.c while committing. Fixed, and added test around setting the node as a sequence node.
I assumed that the pcaps builder was maybe loading some rules files, running some pcaps and verifying some rules fired? Is this not the case? Not sure why assumed this though.
Updated by Victor Julien almost 10 years ago
- Status changed from Resolved to Closed
- Target version set to 2.1beta4
- % Done changed from 0 to 100
Merged the PR, thanks guys.
Actions