Feature #419

add all options/switches available of Suri to command line

Added by Peter Manev about 2 years ago. Updated over 1 year ago.

Status:ClosedStart date:03/03/2012
Priority:NormalDue date:
Assignee:Eric Leblond% Done:

100%

Category:-Estimated time:1.00 hour
Target version:1.4rc1

Description

"--list-keywords"
"--list-proro" (or whiever it is)
"--build-info" - these guys are not there - if you don't know them, you will never find them.

currently it( #suricata , followed by "enter") displays only these:
PlatformTesting/misc# suricata
[1989] 3/3/2012 -- 07:45:11 - (suricata.c:1126) <Info> (main) -- This is Suricata version 1.3dev (rev 2f7717a)
[1989] 3/3/2012 -- 07:45:11 - (util-cpu.c:171) <Info> (UtilCpuPrintSummary) -- CPUs/cores online: 1
[1989] 3/3/2012 -- 07:45:11 - (suricata.c:1183) <Error> (main) -- [ERRCODE: SC_ERR_OPENING_FILE(40)] - Configuration file has not been provided
Suricata 1.3dev (rev 2f7717a)
USAGE: suricata

-c &lt;path&gt;                    : path to configuration file
-i &lt;dev or ip&gt; : run in pcap live mode
-F &lt;bpf filter file&gt; : bpf filter file
-r &lt;path&gt; : run in pcap file/offline mode
-s &lt;path&gt; : path to signature file loaded in addition to suricata.yaml settings (optional)
-S &lt;path&gt; : path to signature file loaded exclusively (optional)
-l &lt;dir&gt; : default log directory
-D : run as daemon
--list-runmodes : list supported runmodes
--runmode &lt;runmode_id&gt; : specific runmode modification the engine should run. The argument
supplied should be the id for the runmode obtained by running
--list-runmodes
--engine-analysis : print reports on analysis of different sections in the engine and exit.
Please have a look at the conf parameter engine-analysis on what reports
can be printed
--pidfile &lt;file&gt; : write pid to this file (only for daemon mode)
--init-errors-fatal : enable fatal failure on signature init error
--dump-config : show the running configuration
--pcap[=&lt;dev&gt;] : run in pcap mode, no value select interfaces from suricata.yaml
--pcap-buffer-size : size of the pcap buffer value from 0 - 2147483647
--user &lt;user&gt; : run suricata as this user after init
--group &lt;group&gt; : run suricata as this group after init
--erf-in &lt;path&gt; : process an ERF file

To run the engine with default configuration on interface eth0 with signature file "signatures.rules", run the command as:

suricata -c suricata.yaml -s signatures.rules -i eth0

History

#1 Updated by Victor Julien about 2 years ago

  • Assignee set to OISF Dev
  • Target version set to 1.3beta2
  • Estimated time set to 1.00

#2 Updated by Victor Julien almost 2 years ago

  • Target version changed from 1.3beta2 to 1.4

#3 Updated by Eric Leblond over 1 year ago

  • Assignee changed from OISF Dev to Eric Leblond
  • % Done changed from 0 to 70

Fixed for app-layer-list and list-keyword and build-info in https://github.com/inliniac/suricata/pull/180

#4 Updated by Eric Leblond over 1 year ago

  • % Done changed from 70 to 90

Manual check done. Everything is in the PR.

#5 Updated by Victor Julien over 1 year ago

  • Status changed from New to Closed
  • Target version changed from 1.4 to 1.4rc1
  • % Done changed from 90 to 100

Also available in: Atom PDF