From: Jason Ish Date: Fri, 1 Apr 2022 16:34:03 +0000 (-0600) Subject: datasets: disable rule if file not found X-Git-Tag: 1.3.0rc1~25 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6c5b82791c90e2992ac9cecf99de536acd06f691;p=thirdparty%2Fsuricata-update.git datasets: disable rule if file not found If a dataset file is not found for load, print a warning and disable the rule. This will allow Suricata to pass the -T test so the working rules are updated instead of rolling back. --- diff --git a/suricata/update/main.py b/suricata/update/main.py index bc3df76..29203fc 100644 --- a/suricata/update/main.py +++ b/suricata/update/main.py @@ -1,4 +1,4 @@ -# Copyright (C) 2017 Open Information Security Foundation +# Copyright (C) 2017-2022 Open Information Security Foundation # Copyright (c) 2015-2017 Jason Ish # # You can copy, redistribute or modify this Program under the terms of @@ -452,7 +452,8 @@ def handle_dataset_files(rule, dep_files): fp.write(dep_files[source_filename].decode("utf-8")) return new_rule else: - logger.error("Dataset file '{}' was not found".format(dataset_filename)) + logger.warn("Dataset file '{}' was not found for rule {}, rule will be disabled".format(dataset_filename, rule.idstr)) + rule.enabled = False def handle_filehash_files(rule, dep_files, fhash): if not rule.enabled: