]> git.ipfire.org Git - thirdparty/suricata-update.git/commitdiff
main: add fail option and handle it
authorShivani Bhardwaj <shivanib134@gmail.com>
Mon, 27 Dec 2021 17:27:50 +0000 (22:57 +0530)
committerJason Ish <jason.ish@oisf.net>
Fri, 15 Apr 2022 15:34:11 +0000 (09:34 -0600)
Ticket 4579

suricata/update/main.py
suricata/update/parsers.py

index c319940175884b9a7fff2778225bbfc0a8e4c222..9b2b177cf1e467cf51e3cc577693be5961c7f755 100644 (file)
@@ -99,6 +99,11 @@ INDEX_EXPIRATION_TIME = 60 * 60 * 24 * 14
 # Rule keywords that come with files
 file_kw = ["filemd5", "filesha1", "filesha256", "dataset"]
 
+def strict_error(msg):
+    logger.error(msg)
+    if config.args().fail:
+        sys.exit(1)
+
 class Fetch:
 
     def __init__(self):
@@ -193,9 +198,10 @@ class Fetch:
             tmp_fileobj.close()
         except URLError as err:
             if os.path.exists(tmp_filename):
-                logger.warning(
-                    "Failed to fetch %s, "
-                    "will use latest cached version: %s", url, err)
+                msg = "Failed to fetch {}, will use latest cached version: {}".format(url, err)
+                if conf.args().fail:
+                    strict_error(msg)
+                logger.warning(msg)
                 return self.extract_files(tmp_filename)
             raise err
         except IOError as err:
@@ -216,7 +222,7 @@ class Fetch:
                 files.update(fetched)
             except URLError as err:
                 url = url[0] if isinstance(url, tuple) else url
-                logger.error("Failed to fetch {}: {}".format(url, err))
+                strict_error("Failed to fetch {}: {}".format(url, err))
         else:
             for url in self.args.url:
                 files.update(self.fetch(url))
index adda46b2447254c433e1967c5476e6915f30aa78..185205c7c9c2cb8c70b74e3c44050a68507da5eb 100644 (file)
@@ -165,6 +165,9 @@ update_arg = [
     (("--offline",),
      {'action': 'store_true',
       'help': "Run offline using most recent cached rules"}),
+    (("--fail",),
+     {'action': 'store_true',
+      'help': "Strictly fail and exit in case of an error"}),
 
     # Hidden argument, --now to bypass the timebased bypass of
     # updating a ruleset.