[outreachy] Claiming Bug #2851

[Shivani Bhardwaj]

Hi, Vidushi!

On Wed, Mar 13, 2019 at 1:28 AM Vidushi Agrawal via Outreachy
<outreachy at lists.openinfosecfoundation.org> wrote:
>
> Hi,
> I'd like to start working on Bug #2851. If none's assigned to it yet, can it be assigned to me?
Yes, please. Go ahead and start working on it. Do you mind making an
account on redmine? I shall assign the task on tracker to you.

> Also, could you please guide me how to reproduce the issue after changing update.yaml file?
All the explanation is assuming that you have a working installation
of suricata-update.
See below.
One good thing to do would be to use "-v" flag while running
suricata-update. You'll get to know about a lot of settings and
environment like where the different cofiguration and rule files
reside which suricata-update is trying to read/write from/to.

For this particular issue, in the log after running "./bin/suricata-update -v",
Look for "Loading /path/to/update.yaml"
Then make the changes as described by the person (in the issue on
redmine) in update.yaml file on the path you just discovered from the
above mentioned log line.
On looking closely at the log, you will see a line "Parsing
rules/emerging-deleted.rules."

This is the problem that the person is defining. Despite defining in
the configuration for update to ignore any rule files with
"deleted.rules" in their name, a file with name *deleted.rules is
still being processed.

Now, apply the changes you think are ideal for this case. Run
suricata-update again with -v flag. Observe the output. The "Parsing
rules/emerging-deleted.rules." should no longer be in the log.

You could store the logs in both the cases and then run a diff on them
to see if something changed as per your expectations.
Does this help?

> Thanks,
> Vidushi
> _______________________________________________
> Outreachy mailing list
> Outreachy at lists.openinfosecfoundation.org
> https://lists.openinfosecfoundation.org/listinfo/outreachy



--
Shivani