[OISF/outreachy] Task #2879 help needed

megha Varshney varshney.megha070 at gmail.com
Sun Mar 31 17:05:59 UTC 2019


Greetings,
After running suricata-update forcefully I am getting this.
31/3/2019 -- 20:59:48 - <Info> -- Using data-directory
/usr/local/var/lib/suricata.
31/3/2019 -- 20:59:48 - <Info> -- Using Suricata configuration
/usr/local/etc/suricata/suricata.yaml
31/3/2019 -- 20:59:48 - <Info> -- Using /usr/local/etc/suricata/rules for
Suricata provided rules.
31/3/2019 -- 20:59:48 - <Info> -- Found Suricata version 5.0.0-dev at
/usr/local/bin/suricata.
31/3/2019 -- 20:59:48 - <Info> -- Loading
/usr/local/etc/suricata/suricata.yaml
31/3/2019 -- 20:59:48 - <Error> -- [ERRCODE: SC_ERR_FATAL(171)] - failed to
open file: /usr/local/etc/suricata/suricata.yaml: Permission denied
Traceback (most recent call last):
  File "./bin/suricata-update", line 33, in <module>
    sys.exit(main.main())
  File "/home/megha/suricata/suricata-update/suricata/update/main.py", line
1468, in main
    sys.exit(_main())
  File "/home/megha/suricata/suricata-update/suricata/update/main.py", line
1300, in _main
    config.get("suricata-conf"), suricata_path=suricata_path)
  File "/home/megha/suricata/suricata-update/suricata/update/engine.py",
line 96, in load
    env=env)
  File "/home/megha/anaconda3/lib/python3.6/subprocess.py", line 356, in
check_output
    **kwargs).stdout
  File "/home/megha/anaconda3/lib/python3.6/subprocess.py", line 438, in run
    output=stdout, stderr=stderr)
subprocess.CalledProcessError: Command '['/usr/local/bin/suricata', '-c',
'/usr/local/etc/suricata/suricata.yaml', '--dump-config']' returned
non-zero exit status 1.

I don't have a file named suricata.rules.
Regards
Megha



On Sun, 31 Mar 2019 at 18:55, megha Varshney <varshney.megha070 at gmail.com>
wrote:

> Greetings,
> I have raised a pull request but haven't tested my code as yet. I followed
> the aforementioned test routine but was unclear with copying rules part.
> Please review my PR and let me know the necessary changes.
>
> Regards
> Megha
>
> On Sun, 31 Mar 2019 at 14:03, Shivani Bhardwaj <
> sbhardwaj at openinfosecfoundation.org> wrote:
>
>> Hi, Megha!
>>
>> On Sat, Mar 30, 2019 at 12:14 PM megha Varshney
>> <varshney.megha070 at gmail.com> wrote:
>> >
>> > Greetings,
>> > I made changes to the main.py file such that whenever a duplicate sid is
>> > encountered it will log a warning. I am trying to test my code. I wanted to
>> > ask: do I need to make changes to the rule.py file? If yes, what changes do
>> > I need to make?
>> Did you try and follow the test routine that I shared with you? Are
>> you able to see the results as per the changes you made in your
>> main.py? If yes, then you do not need to make any changes to any other
>> file. Maybe I am unclear about your question yet again, so if you are
>> not seeing the results of testing, there may be something wrong with
>> the changes you made and/or performing the test routine. So, it would
>> be helpful for me to answer if you target the specific question out of
>> these. And, if there is something concerning your code, maybe sending
>> a PR would be nice so that we can review and leave comments on whether
>> the code is correct.
>>
>> > Regards
>> > Megha
>> >
>> > On Sat, 30 Mar 2019 at 00:38, Shivani Bhardwaj <
>> sbhardwaj at openinfosecfoundation.org> wrote:
>> >>
>> >> On Fri, Mar 29, 2019 at 10:05 PM megha Varshney
>> >> <varshney.megha070 at gmail.com> wrote:
>> >> >
>> >> > Greetings,
>> >> > Thank you so much for the above article but I was unable to test my
>> >> > code. I am not getting where I need to copy the rules from.
>> >> >
>> >> I do not understand. Could you please explain what you have done so
>> >> far and what you are trying to achieve?
>> >>
>> >> > Regards,
>> >> > Megha
>> >> >
>> >> > On Mon, 25 Mar 2019 at 17:13, Shivani Bhardwaj <
>> sbhardwaj at openinfosecfoundation.org> wrote:
>> >> >>
>> >> >> Hi, Megha!
>> >> >>
>> >> >> On Sat, Mar 23, 2019 at 2:26 AM megha Varshney
>> >> >> <varshney.megha070 at gmail.com> wrote:
>> >> >> >
>> >> >> > Greetings,
>> >> >> > Could you please help me in testing my code?
>> >> >>
>> >> >> I just wrote a test routine here for you:
>> >> >> https://gist.github.com/shivan1b/be0cee4e9edcd63f678ac806abbc0291
>> >> >>
>> >> >> After applying the changes, you should look for the log message that
>> >> >> you have written in the last step on console justifying your case.
>> >> >>
>> >> >> Let me know if you need more help.
>> >> >>
>> >> >> > Regards
>> >> >> > Megha
>> >> >> >
>> >> >> > On Mon, 18 Mar 2019 at 13:52, Shivani Bhardwaj <
>> sbhardwaj at openinfosecfoundation.org> wrote:
>> >> >> >>
>> >> >> >> Hi Megha!
>> >> >> >>
>> >> >> >> On Sat, Mar 16, 2019 at 1:33 AM megha Varshney
>> >> >> >> <varshney.megha070 at gmail.com> wrote:
>> >> >> >> >
>> >> >> >> > Greetings,
>> >> >> >> > Do I need to include the following code snippet in
>> >> >> >> > build_rule_map function of the main.py file?
>> >> >> >> > FORMAT = '%(version)s %(message)s'
>> >> >> >> > logging.basicConfig(format=FORMAT)
>> >> >> >> > d={'version: rule'}
>> >> >> >> > logger = logging.getLogger('tcpserver')
>> >> >> >> > logger.warning('Found duplicate rule ID %s', 'keeping one with higher revision')
>> >> >> >> >
>> >> >> >>
>> >> >> >> Please do a "Reply-all" in all your emails so that if I am unavailable
>> >> >> >> (like I was for past two days) someone else can help you. You should
>> >> >> >> try and ask for code reviews only on the PRs you send. However, if you
>> >> >> >> need any help with understanding the issue, testing routine, etc
>> >> >> >> you're free to ask. Please make sure to have tested the code before
>> >> >> >> you send a PR.
>> >> >> >>
>> >> >> >> > Regards,
>> >> >> >> > Megha
>> >> >> >> >
>> >> >> >> >
>> >> >> >> > On Fri, 15 Mar 2019 at 14:54, megha Varshney <
>> varshney.megha070 at gmail.com> wrote:
>> >> >> >> >>
>> >> >> >> >> Thanks a lot. Will try looking for this.
>> >> >> >> >>
>> >> >> >> >> On Fri, 15 Mar 2019 at 14:48, Shivani Bhardwaj <
>> sbhardwaj at openinfosecfoundation.org> wrote:
>> >> >> >> >>>
>> >> >> >> >>> On Fri, Mar 15, 2019 at 2:38 PM megha Varshney via Outreachy
>> >> >> >> >>> <outreachy at lists.openinfosecfoundation.org> wrote:
>> >> >> >> >>> >
>> >> >> >> >>> > Greetings,
>> >> >> >> >>> > I read the documentation and tried understanding the code
>> >> >> >> >>> > snippets but I couldn't get, where do I need to start in order to
>> >> >> >> >>> > complete the task assigned.
>> >> >> >> >>> >
>> >> >> >> >>> Maybe this will be helpful to know what sid is:
>> >> >> >> >>> https://suricata.readthedocs.io/en/suricata-4.1.2/rules/meta.html#sid-signature-id
>> >> >> >> >>> As Jason had mentioned in the issue that it has already been
>> >> >> >> >>> implemented, your task is to look up the code of suricata-update and
>> >> >> >> >>> see where sids are being processed for duplicate IDs.
>> >> >> >> >>> Does this make sense?
>> >> >> >> >>>
>> >> >> >> >>> > Regards,
>> >> >> >> >>> > Megha Varshney
>> >> >> >> >>> > _______________________________________________
>> >> >> >> >>> > Outreachy mailing list
>> >> >> >> >>> > Outreachy at lists.openinfosecfoundation.org
>> >> >> >> >>> > https://lists.openinfosecfoundation.org/listinfo/outreachy
>> >> >> >> >>>
>> >> >> >> >>>
>> >> >> >> >>>
>> >> >> >> >>> --
>> >> >> >> >>> Shivani
>> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >> >> --
>> >> >> >> Shivani
>> >> >>
>> >> >>
>> >> >>
>> >> >> --
>> >> >> Shivani
>> >>
>> >>
>> >>
>> >> --
>> >> Shivani
>>
>>
>>
>> --
>> Shivani
>>
>
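
Added example, not part of the original thread and not suricata-update's own code: a stand-alone sketch of the behaviour the task discusses, detecting a duplicate sid across rule lines, logging a warning, and keeping the rule with the higher revision. The names `parse_sid_rev`, `dedupe_by_sid` and the logger name are hypothetical, and the sample rules are constructed.

```python
import logging
import re

logger = logging.getLogger("dup_sid_example")  # hypothetical logger name

# sid and rev are rule options written as "sid:123;" and "rev:4;".
# Simplification: a regex search over the line, not a full rule parser.
SID_RE = re.compile(r"\bsid\s*:\s*(\d+)\s*;")
REV_RE = re.compile(r"\brev\s*:\s*(\d+)\s*;")

# Constructed sample rules; sid 1000001 appears three times.
SAMPLE_RULES = [
    'alert http any any -> any any (msg:"constructed A"; sid:1000001; rev:1;)',
    'alert http any any -> any any (msg:"constructed A v3"; sid:1000001; rev:3;)',
    'alert dns any any -> any any (msg:"constructed B"; sid:1000002; rev:2;)',
    "# a comment line",
    'alert http any any -> any any (msg:"constructed A v2"; sid:1000001; rev:2;)',
]


def parse_sid_rev(line):
    """Return (sid, rev) for a rule line, or None for comments and non-rules."""
    text = line.strip()
    sid = SID_RE.search(text)
    if text.startswith("#") or sid is None:
        return None
    rev = REV_RE.search(text)
    return int(sid.group(1)), (int(rev.group(1)) if rev else 0)  # no rev -> 0


def dedupe_by_sid(lines):
    """Return ({sid: (rev, rule)}, [duplicate sids]), keeping the highest rev."""
    kept, duplicates = {}, []
    for line in lines:
        parsed = parse_sid_rev(line)
        if parsed is None:
            continue
        sid, rev = parsed
        if sid in kept:
            duplicates.append(sid)
            logger.warning("Found duplicate rule ID %d (rev %d vs rev %d), "
                           "keeping the higher revision", sid, kept[sid][0], rev)
            if rev <= kept[sid][0]:
                continue  # the rule already kept is the same or newer
        kept[sid] = (rev, line.strip())
    return kept, duplicates

if __name__ == "__main__":
    logging.basicConfig(format="%(levelname)s %(message)s")
    print(sorted((s, r) for s, (r, _) in dedupe_by_sid(SAMPLE_RULES)[0].items()))
```

Running the file directly prints the surviving (sid, rev) pairs and emits one warning per duplicate encountered.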