Commit Graph

29 Commits (c3c8472d097fb20cd67046d406438c04e5ed3aac)

Author SHA1 Message Date
Eric Leblond bb93d67ddd unix-socket: add command to get flow stats
Add a command to extract the accounting data from a live
flow using the unix socket. It takes the flow_id as param
and return the volume of data seen on the flow as well as
its age.
3 years ago
Jason Ish 9a1d6af858 python: install without distutils
Instead of using distutils/setuptools for installing the Python code,
just install it into our own Python directory.

Distutils is being removed from Python, and setuptools doesn't work well
when trying to install into your own location. For our usage its just
simpler to install with make.

In addition to removing the configure check for distutils, also remove
the check for pyyaml. This lets the user install pyyaml after Suricata
is installed, and Suricata-Update does handle this case gracefully.

Issue: #5313
3 years ago
Jeff Lucovsky fc6fdef070 suricatasc: Handle incomplete/empty recv values
Issue: 4947

Improve handling of values returned by recv. Sometimes, recv returns an
empty string if suricata terminates asynchronously.
4 years ago
Juliana Fajardini de0ce26e3f userguide: update references to Suricata website
Many places were still referencing the old Suricata page.
Used git grep with replace to update them. Checked that new links work.
Left old references when they were only documentation examples (for
output or unittests).

Task#4915
4 years ago
Jeff Lucovsky 06f41f608c doc: Improve grammar, spelling and clarifications
This commit improves the overall documentation's grammar, spelling, and
adds clarifications  where needed.
5 years ago
jason taylor 89839e3c27 suricatasc: updates copyright date and FSF address
Signed-off-by: jason taylor <jtfas90@gmail.com>
5 years ago
jason taylor 7be7f06ac6 suricatasc: update copyright date and FSF address
Signed-off-by: jason taylor <jtfas90@gmail.com>
5 years ago
Victor Julien 7a6269798b datasets: add 'dataset-remove' unix command 6 years ago
Philippe Antoine be6f6cc6a2 python: style for suricatasc.py
Remove unnecessary return
Better comparison with None
6 years ago
Jason Ish 1b6eee829f python: fixes for installing from path with spaces
Related to Redmine issue:
https://redmine.openinfosecfoundation.org/issues/2668
6 years ago
Shivani Bhardwaj ba6b73cd10 ctl/filestore: Add check for filestore directory
Up until now, suricatactl would delete any directory that is provided as
an argument on command line. This patch adds a basic test for the
directories `tmp`, `00` and `ff` in order to justify that the provided
directory is actually a filestore directory.

Additionally, some code has been broken up and made more readable and
pythonic.

Closes redmine ticket #2843
6 years ago
Victor Julien d5ceafa2e5 suricatasc: add dataset-add command 6 years ago
Jason Ish 963abc961c python: fix parsing Suricata version from configure.ac
If parsing the version fails, or no version is found, fail
instead of defaulting to a version of 0.0.0.
6 years ago
Eric Leblond e9be6126e2 suricatasc: fix reconnect 7 years ago
Jason Ish a69afd5cf9 autoconf/python: check for distutils
Require distutils to install the Python tools. Update the logic
to only install suricatactl (and suricatasc) if Python and
distutils are found. Suricata-Update will only be installed if
bundled, and python-distutils and python-yaml are found.
7 years ago
Shivani Bhardwaj 342f3d5eec suricatactl: Clean up parser, improve help
So far the suricatactl parser was unclear about the options to use and
did not well display the required and optional param difference. Fix
that to make it legible for any user.

Before
```
└─ $ ▶ ./bin/suricatactl filestore -h
usage: suricatactl filestore [-h] {prune} ...

positional arguments:
  {prune}

optional arguments:
  -h, --help  show this help message and exit

└─ $ ▶ ./bin/suricatactl filestore prune -h
usage: suricatactl filestore prune [-h] [-d DIRECTORY] [--age AGE] [-n] [-v]
                                   [-q]

optional arguments:
  -h, --help            show this help message and exit
  -d DIRECTORY, --directory DIRECTORY
                        filestore directory
  --age AGE             prune files older than age
  -n, --dry-run         only print what would happen
  -v, --verbose         increase verbosity
  -q, --quiet           be quiet, log warnings and errors only
```

After
```
└─ $ ▶ ./bin/suricatactl filestore -h
usage: suricatactl filestore [-h] {prune} ...

positional arguments:
  {prune}     sub-command help
    prune     Remove files in specified directory older than specified age

optional arguments:
  -h, --help  show this help message and exit

└─ $ ▶ ./bin/suricatactl filestore prune -h
usage: suricatactl filestore prune [-h] -d DIRECTORY [--age AGE] [-n] [-v]
                                   [-q]

optional arguments:
  -h, --help            show this help message and exit
  -n, --dry-run         only print what would happen
  -v, --verbose         increase verbosity
  -q, --quiet           be quiet, log warnings and errors only

required arguments:
  -d DIRECTORY, --directory DIRECTORY
                        filestore directory
  --age AGE             prune files older than age, units: s, m, h, d
```
7 years ago
Shivani Bhardwaj 2b05f315e1 suricatactl: Fix PyLint issues
Pylint is a tool to make sure we do not regress the support for Python
3. The following conventions, warnings, errors, refactors have been
fixed.

W0301: Unnecessary semicolon (unnecessary-semicolon)
C0303: Trailing whitespace (trailing-whitespace)
W1401: Anomalous backslash in string
C0103: Variable name doesn't conform to snake_case naming style
R1705: Unnecessary "elif" after "return"
W1201: Specify string format arguments as logging function parameters
W0611: Unused import
R1710: Either all return statements in a function should return an expression, or none of them should
W0612: Unused variable
C0103: Method name doesn't conform to snake_case naming style
R0201: Method could be a function
7 years ago
Shivani Bhardwaj ccea7fe50a suricatactl: Make code compatible with Python 3
Call to suricatactl was failing with Python3 with the following error:
```
Traceback (most recent call last):
  File "bin/suricatactl", line 40, in <module>
    sys.exit(main())
  File "./suricata/ctl/main.py", line 50, in main
    args.func(args)
AttributeError: 'Namespace' object has no attribute 'func'
```
Fix this by making it run with Py3 just like it does with Py2.

Closes redmine ticket #2793
7 years ago
Shivani Bhardwaj b0b12021d3 suricatasc: Fix command failures
This commit addresses the following three cases:

1. Do not use maxsplit keyword arg
maxsplit argument to the split command was not a part of Python 2
and using it with Python 2 causes the following failure:
```
TypeError: split() takes no keyword arguments
```
Avoid this by eliminating all the named arguments from split.

2. Fix failure on extra arguments
Up until now, suricatasc fails if any command which is not supposed to
take args is given args.
Fix this by ignoring any extra params.
Closes redmine ticket #2813

3. Fix failure on different type of args
If a command was given a string argument where it expected an int, it
would fail and the process would exit.
Fix this by handling the exception caused in such cases.
Closes redmine ticket #2812
7 years ago
Shivani Bhardwaj 27842c3750 suricatasc: Use better exception message, sort imports
Up until now, suricatasc gives a message as follows in case a command is
missing arguments:
```
>>> list-hostbit
Arguments to command 'list-hostbit' is missing
```

Fix this up and provide a better message:
```
>>> list-hostbit
Missing arguments: expected 1
>>> pcap-file-continuous
Missing arguments: expected at least 2
```
7 years ago
Shivani Bhardwaj bf37e3f5da suricatasc: Snug the processing of different commands
Since all of the commands were following the same procedure, namely,
split the input extract the arguments, throw the error if required
argument is missing else send the command over to suricata, put all of
this in one compact function alongwith a dictionary for specifications
for different commands, the name of the argument, the type and if it is
required or not.
Following fixups come with this commit:
- Code becomes really cozy
- Split errors on a few commands are well handled
- No redundant code
- More readability

References redmine ticket #2793
7 years ago
Shivani Bhardwaj 57285b54d5 suricatasc: Get rid of issues detected by Pylint
Pylint is a tool to make sure we do not regress the support for Python
3. The following conventions, warnings, errors, refactors have been
fixed.

C0326: Exactly one space required around assignment
C0326: No space allowed around keyword argument assignment
C0325: Unnecessary parens after 'if' keyword
W0301: Unnecessary semicolon
W0702: No exception type(s) specified
W0231: __init__ method from base class 'Exception' is not called
W0107: Unnecessary pass statement
C0121: Comparison to None should be 'expr is not None'
E0602: Undefined variable 'raw_input'
W0201: Attribute 'socket' defined outside __init__
W0611: Unused import
7 years ago
Danny Browning 2dc6b6ee14 source-pcap-file: delete when done (2417)
https://redmine.openinfosecfoundation.org/issues/2417

Add option to have pcap files deleted after they have been processed.
This option combines well with pcap file continuous and streaming
files to a directory being processed.
7 years ago
Jason Ish 7e06e765f3 python: fixes for out of tree build
Autoconf/automake and python setup.py don't play that well
together with out of tree builds.

Makes suricatasc not an autoconf input file, instead use the
defaults module that is already being created.

In the case of an out of tree build, copy the generated defaults.py
to the build directory manually.
8 years ago
Jason Ish b9e083a703 python: put some defaults on suricata.config.defaults
This is a module that can contain installation default. For now
it includes the sysconfdir, and rules data directory for use
by suricata-update.
8 years ago
Jason Ish 43617dc11f suricatasc: move lib to suricata.sc
Pull the sc python package under the suricata top level
package. A suricatasc package still exists for compatibility
that pulls in suricata.sc.
8 years ago
Jason Ish 4a115f4d56 suricatasc: allow to run from non-standard python locations
When we install to a non-standard prefix, the Python modules
are not in the standard location requiring the PYTHONPATH
to be fixed up.

This wa a pre-existing issue with suricatasc, and not due to
the move into the python directory.
8 years ago
Jason Ish a7d90162d1 suricatasc: move into python/
Will be built and installed as part of the Python code used
for suricatactl, which is intended to be the generic place
for all Python utility code that gets installed with Suricata.

No change to suricatasc code.
8 years ago
Jason Ish 50b5a3a56d suricatactl: a new python script for misc. tasks
Use a new directory, Python to host the Suricata python modules.
One entry point is suricatactl, a control script for
miscalleneous tasks. Currently onl filestore pruning
is implemented.
8 years ago