Support #1681
closedMissing commands in suricatasc
Description
Hey,
I want to report a bug we briefly discussed on IRC.
Issue: the pcap-file command appears to be missing in the Unix socket interface
[root@rkv-ids-node003 suricata-3.0]STAGING# python2 scripts/suricatasc/suricatasc -v -c 'pcap-file /root/foo.pcap /var/log/suricata'
SND: {"version": "0.1"}
RCV: {"return": "OK"}
SND: {"command": "command-list"}
RCV: {"message": {"count": 17, "commands": ["shutdown", "command-list", "help", "version", "uptime", "running-mode", "capture-mode", "conf-get", "dump-counters", "reload-rules", "register-tenant-handler", "unregister-tenant-handler", "register-tenant", "reload-tenant", "unregister-tenant", "iface-stat", "iface-list"]}, "return": "OK"}
Traceback (most recent call last):
File "scripts/suricatasc/suricatasc", line 45, in <module>
(command, arguments) = sc.parse_command(args.command)
File "/usr/lib64/python2.7/site-packages/suricatasc/suricatasc.py", line 284, in parse_command
raise SuricataCommandException("Unknown command '%s'" % (command))
suricatasc.suricatasc.SuricataCommandException: Unknown command 'pcap-file /root/foo.pcap /var/log/suricata'
[root@rkv-ids-node003 suricata-3.0]STAGING# python2 scripts/suricatasc/suricatasc Command list: shutdown, command-list, help, version, uptime, running-mode, capture-mode, conf-get, dump-counters, reload-rules, register-tenant-handler, unregister-tenant-handler, register-tenant, reload-tenant, unregister-tenant, iface-stat, iface-list, quit
I used the stable tarball.
md5sum suricata-3.0.tar.gz a964af69263592c625b56f72d49e8d24 suricata-3.0.tar.gz
I compiled it:
./configure --enable-luajit --with-libpcap_ng-libraries=/usr/local/lib --with-libpcap_ng-includes=/usr/local/include/ --prefix=/usr/ --sysconfdir=/etc/ --localstatedir=/var/ --disable-gccmarch-native --enable-gccprotect --with-libluajit-includes=/usr/include/luajit-2.0 --with-libluajit-libraries=/usr/lib/ --with-libnss-libraries=/usr/lib --with-libnss-includes=/usr/include/nss/ --with-libnspr-libraries=/usr/lib --enable-unittests
Unit tests pass from suricata -u U
==== TEST RESULTS ==== PASSED: 3776 FAILED: 0 ======================
In the 2.0.X versions it was like:
suricatasc Command list: shutdown, command-list, help, version, uptime, running-mode, capture-mode, conf-get, dump-counters, pcap-file, pcap-file-number, pcap-file-list, pcap-current, quit
Best,
Marius
Updated by Eric Leblond almost 10 years ago
Marius Ciepluch wrote:
Hey,
I want to report a bug we briefly discussed on IRC.
Issue: the pcap-file command appears to be missing in the Unix socket interface
Are you sure you are running in unix mode ? Just tested here and "suricata --unix-socket" gives me$ suricatasc
Command list: shutdown, command-list, help, version, uptime, running-mode, capture-mode, conf-get, dump-counters, reload-rules, register-tenant-handler, unregister-tenant-handler, register-tenant, reload-tenant, unregister-tenant, pcap-file, pcap-file-number, pcap-file-list, pcap-current, quit
Updated by Marius Ciepluch almost 10 years ago
You are right. The commands in the Unix socket interface show up depending on mode. Sorry for the confusin.
Updated by Victor Julien almost 10 years ago
- Tracker changed from Bug to Support
- Status changed from New to Closed
- Target version deleted (
3.0)