Feature #2659

open

Define the output rules file name.

Added by Joel Samaroo almost 3 years ago. Updated about 2 years ago.

Status: Feedback
Priority: Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

This issue is to track the ability to define the output rules file name from user input, so that the output file name isn’t always suricata.rules.


Related issues

Related to Bug #4215: Documented "--merged" option doesn't exist (Closed; Jason Ish)

Actions #1

Updated by Joel Samaroo almost 3 years ago

Created pull request #61 for the solution to be merged into master code:

sample output and expected behavior:

$ suricata-update --local ~/suricata_test/jsamaroo-custom.rules --disable-conf ~/suricata_test/disable -o ~/suricata_test/ -r jsamaroo-custom.rules
7/11/2018 -- 03:46:44 - <Warning> -- No suricata application binary found on path.
7/11/2018 -- 03:46:44 - <Info> -- Using default Suricata version of 4.0.0
7/11/2018 -- 03:46:44 - <Info> -- Loading /home/jsamaroo/suricata_test/disable.
7/11/2018 -- 03:46:44 - <Info> -- Setting output rule filename to jsamaroo-custom.rules
7/11/2018 -- 03:46:44 - <Warning> -- Cache directory does not exist and could not be created. /var/tmp will be used instead.
7/11/2018 -- 03:46:44 - <Info> -- No sources configured, will use Emerging Threats Open
7/11/2018 -- 03:46:44 - <Info> -- Checking https://rules.emergingthreats.net/open/suricata-4.0.0/emerging.rules.tar.gz.md5.
7/11/2018 -- 03:46:44 - <Info> -- Remote checksum has not changed. Not fetching.
7/11/2018 -- 03:46:44 - <Info> -- Loading local file /home/jsamaroo/suricata_test/jsamaroo-custom.rules
7/11/2018 -- 03:46:44 - <Warning> -- No distribution rule directory found.
7/11/2018 -- 03:46:44 - <Info> -- Ignoring file rules/emerging-deleted.rules
7/11/2018 -- 03:46:52 - <Info> -- Loaded 47514 rules.
7/11/2018 -- 03:46:52 - <Info> -- Disabled 1 rules.
7/11/2018 -- 03:46:52 - <Info> -- Enabled 0 rules.
7/11/2018 -- 03:46:52 - <Info> -- Modified 0 rules.
7/11/2018 -- 03:46:52 - <Info> -- Dropped 0 rules.
7/11/2018 -- 03:46:52 - <Info> -- Enabled 0 rules for flowbit dependencies.
7/11/2018 -- 03:46:52 - <Info> -- Backing up current rules.
7/11/2018 -- 03:46:57 - <Info> -- Writing rules to /home/jsamaroo/suricata_test/jsamaroo-custom.rules: total: 23757; enabled: 18856; added: 0; removed 0; modified: 1
7/11/2018 -- 03:46:58 - <Info> -- No suricata application binary found, skipping test.
7/11/2018 -- 03:46:58 - <Info> -- Done.

Actions #2

Updated by Joel Samaroo almost 3 years ago

Removed the ‘-r’ flag and added logic to check whether the no-merge option was provided and, if so, print an error and exit, since the --output-rule-filename would have no effect. A new PR was submitted on GitHub to track this as #79.

Actions #3

Updated by Shivani Bhardwaj over 2 years ago

  • Status changed from New to Feedback
  • Target version set to Soon
  • Effort deleted (low)
  • Difficulty deleted (low)
Actions #5

Updated by Jason Ish 9 months ago

  • Related to Bug #4215: Documented "--merged" option doesn't exist added