From: Vidushi Agrawal Date: Sun, 5 May 2019 18:33:34 +0000 (+0530) Subject: Parse rule files alphabetically X-Git-Tag: 1.1.0rc1~16 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7e13a2f4584b154847ad0f188551a0672a65f4dc;p=thirdparty%2Fsuricata-update.git Parse rule files alphabetically Sort the file names before parsing them. Example: Currently, ``` suricata-update -v ``` generates ``` 24/3/2019 -- 10:38:16 - -- Parsing rules/emerging-chat.rules. 24/3/2019 -- 10:38:16 - -- Parsing sslblacklist.rules. 24/3/2019 -- 10:38:16 - -- Parsing rules/emerging-web_client.rules. 24/3/2019 -- 10:38:16 - -- Parsing rules/botcc.portgrouped.rules. 24/3/2019 -- 10:38:16 - -- Parsing rules/emerging-smtp.rules. ``` i.e., the rule files are not parsed in alphabetical order. Thus, changing the parser to load these files in alphabetical order by sorting the filenames before starting to work on them fixes the issue. Now the output generated on running ``` suricata-update -v ``` is ``` 24/3/2019 -- 10:34:24 - -- Parsing rules/botcc.rules. 24/3/2019 -- 10:34:24 - -- Parsing rules/ciarmy.rules. 24/3/2019 -- 10:34:24 - -- Parsing rules/compromised.rules. 24/3/2019 -- 10:34:24 - -- Parsing rules/drop.rules. 24/3/2019 -- 10:34:24 - -- Parsing rules/dshield.rules. 24/3/2019 -- 10:34:24 - -- Parsing rules/emerging-activex.rules. ``` Rules files are now parsed in sorted order. Closes Redmine ticket #2892 --- diff --git a/suricata/update/main.py b/suricata/update/main.py index ea96156..c6218ed 100644 --- a/suricata/update/main.py +++ b/suricata/update/main.py @@ -1321,7 +1321,7 @@ def _main(): del(files[filename]) rules = [] - for filename in files: + for filename in sorted(files): if not filename.endswith(".rules"): continue logger.debug("Parsing %s." % (filename))
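Review bot: On the changed line `for filename in sorted(files):`, the sort is a plain string comparison over the full keys of `files`, so the resulting order is by path including any directory prefix and is case-sensitive, which is narrower than the "alphabetically" of the subject line. With the keys shown in the commit message, every `rules/...` entry will come before `sslblacklist.rules`, and a key starting with an uppercase letter would sort ahead of all lowercase ones. If that is the intended order, a short comment above the loop stating that the sort is there to make the parse order deterministic, and that it is by full key, would save the next reader from guessing; if a case-insensitive or basename order was meant, the call needs a `key=` argument. The sort also runs before the `.rules` filter, so non-rule entries are sorted and then skipped; that is harmless, but filtering first would make the intent clearer. The diff touches only `suricata/update/main.py`, so a small test asserting the parse order for a mixed set of keys would be worth adding alongside it.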