Feature #3464

closed
suricata-verify: Add unix-socket support

Added by Shivani Bhardwaj about 6 years ago. Updated 3 months ago.

Status:
Closed
Priority:
Low
Target version:
Effort:
Difficulty:
Label:

Description

suricata-verify should be able to test unix-socket commands.

Updated by Victor Julien about 6 years ago #1

  • Priority changed from Normal to Low

I wonder if we should split this ticket in 2:

1. be able to run the standard tests in unix socket (so instead of running suricata -r ... set up unix socket and run through suricatasc)
2. add special support for adding tests that interact with unix socket to test issues like #3448

Updated by Shivani Bhardwaj over 5 years ago #2

  • Assignee changed from Shivani Bhardwaj to Community Ticket

Updated by Shivani Bhardwaj about 5 years ago #3

Relevant conversation:

Victor Julien
In shell you would start suri to go into the background suricata .... & and then issue the commands, where you capture suri's PID so you can kill it after you're done.

But I think this isn't as nice as an error in the script can easily leave suri running.

Shivani Bhardwaj
I see. We could probably have a blanket try..except..finally block which makes sure that suri is killed (how barbaric!) even if there was an exception. Would it still miss any cases?

Victor Julien
That sounds sane to me. We'd first issue a shutdown over unix socket, and if suri is still running after that do a force kill and fail the test.

Updated by Jason Ish almost 5 years ago #4

  • Assignee changed from Community Ticket to Jason Ish

Updated by Jason Ish 9 months ago #5

  • Status changed from Assigned to New
  • Assignee changed from Jason Ish to OISF Dev

Assigning back to OISF Dev just to avoid the appearance that I might be working on this which I'm not. I might in the future, but not on my radar right now.

Updated by Philippe Antoine 5 months ago #6

  • Assignee changed from OISF Dev to Philippe Antoine

Updated by Philippe Antoine 4 months ago #7

Philippe Antoine wrote in #note-6:

Create test for https://github.com/OISF/suricata/pull/14296

Just need to
- launch suricata --unix-socket
- wait for log Engine started
- run suricatasc -c "add-hostbit fe80:0000:0000:0000:6600:6aff:fe5b:8f4a test 60"
- get no ASAN crash but {"message":"hostbit added","return":"OK"} (must use a rule like alert icmp any any -> any any (itype:8; hostbits:isset,test,dst; sid:2;) )
- kill suricata
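
The steps listed above, combined with the cleanup order discussed in note #3 (shutdown request first, force kill if the process is still running), as an added example; it is not code from suricata-verify or from anyone in this thread. The function names are hypothetical, the three argv lists are supplied by the caller (for instance the `suricata --unix-socket` and `suricatasc -c "..."` invocations from the list), and an exit status of 0 is assumed to mean a clean shutdown.

```python
import subprocess
import time


def wait_for_log(daemon, log_path, ready_text, timeout):
    """Poll log_path for ready_text; fail fast if the daemon already exited."""
    deadline = time.monotonic() + timeout
    while time.monotonic() < deadline:
        if daemon.poll() is not None:
            raise RuntimeError("daemon exited before it was ready")
        try:
            with open(log_path, errors="replace") as log:
                if ready_text in log.read():
                    return
        except FileNotFoundError:
            pass  # log file not created yet
        time.sleep(0.1)
    raise TimeoutError(f"{ready_text!r} not seen in {log_path}")


def stop_daemon(daemon, shutdown_argv, timeout):
    """Request shutdown, then force kill if needed. True only for a clean exit."""
    try:
        if daemon.poll() is None:
            subprocess.run(shutdown_argv, capture_output=True, timeout=timeout)
        # Assumption: a clean shutdown exits 0; a crash or abort does not.
        return daemon.wait(timeout=timeout) == 0
    except (OSError, subprocess.TimeoutExpired):
        return False
    finally:
        if daemon.poll() is None:  # still running: force kill, caller fails the test
            daemon.kill()
            daemon.wait()


def run_socket_test(daemon_argv, client_argv, shutdown_argv, log_path,
                    ready_text="Engine started", timeout=10.0):
    """Return (client reply, clean shutdown?); the daemon never outlives the call."""
    daemon = subprocess.Popen(daemon_argv)
    try:
        wait_for_log(daemon, log_path, ready_text, timeout)
        reply = subprocess.run(client_argv, capture_output=True, text=True,
                               timeout=timeout).stdout.strip()
    except BaseException:
        stop_daemon(daemon, shutdown_argv, timeout)  # clean up on any error
        raise
    return reply, stop_daemon(daemon, shutdown_argv, timeout)
```

A test passes only when the reply matches the expected JSON and the second value is `True`; a `False` there means the process crashed, exited non-zero, or had to be force killed.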

Updated by Philippe Antoine 3 months ago #9
