Project

General

Profile

Actions
Copy link

Bug #7421

open

parser: -s/--show-advanced option is broken

Added by Shivani Bhardwaj 8 months ago. Updated 17 days ago.

Status:
Assigned
Priority:
Normal
Assignee:
OISF Dev
Target version:
TBD
Affected Versions:
Effort:
Difficulty:
Label:

Description

suricata-update should ideally show the advanced options available that are not directly a part of the main parser.

Actions
Copy link
 #1

Updated by Philippe Antoine 18 days ago

  • Assignee set to OISF Dev
Actions
Copy link
 #2

Updated by Jason Ish 18 days ago

  • Target version set to TBD

Do we have an example here? I won't really understand the issue.

Actions
Copy link
 #3

Updated by Shivani Bhardwaj 17 days ago

Jason Ish wrote in #note-2:

Do we have an example here? I won't really understand the issue.

I think the problem is that we hide a lot of useful options like --local , --url behind --show-advanced option but this option is actually only useful when used alongwith -h so it's a bit misleading. See the output below.

 ❯ python3 ./bin/suricata-update -h
usage: suricata-update update [-h] [-v] [-q] [-D <directory>] [-c <filename>] [--suricata-conf <filename>]
                              [--suricata <path>] [--suricata-version <version>] [-V] [-s] [-o <directory>] [-f]
                              [--disable-conf <filename>] [--enable-conf <filename>] [--modify-conf <filename>]
                              [--drop-conf <filename>] [--no-reload] [--no-test] [--offline] [--fail]

options:
  -h, --help            show this help message and exit
  -v, --verbose         Be more verbose
  -q, --quiet           Be quiet, warning and error messages only
  -D <directory>, --data-dir <directory>
                        Data directory (default: /var/lib/suricata)
  -c <filename>, --config <filename>
                        configuration file (default: /etc/suricata/update.yaml)
  --suricata-conf <filename>
                        configuration file (default: /etc/suricata/suricata.yaml)
  --suricata <path>     Path to Suricata program
  --suricata-version <version>
                        Override Suricata version
  -V, --version         Display version
  -s, --show-advanced   Show advanced options
  -o <directory>, --output <directory>
                        Directory to write rules to
  -f, --force           Force operations that might otherwise be skipped
  --disable-conf <filename>
                        Filename of rule disable filters
  --enable-conf <filename>
                        Filename of rule enable filters
  --modify-conf <filename>
                        Filename of rule modification filters
  --drop-conf <filename>
                        Filename of drop rule filters
  --no-reload           Disable reload
  --no-test             Disable testing rules with Suricata
  --offline             Run offline using most recent cached rules
  --fail                Strictly fail and exit in case of an error

other commands:

If you do python3 ./bin/suricata-update --show-advanced, suricata-update ignores the option altogether and runs as if no option was provided.

It works correctly when used as: python3 ./bin/suricata-update -h --show-advanced

So, either we should clarify in the help section how --show-advanced should be used or make it an independent option.
wdyt?

Actions
Copy link

Also available in: Atom PDF