Comments (6)
jasonish
commented on June 20, 2024
Staging this for release: #96
from py-idstools.
jasonish
commented on June 20, 2024
0.6.5 released.
from py-idstools.
marcindulak
commented on June 20, 2024
Have you tested with the Dockerfile build docker build --progress=plain --no-cache --pull -t py-idstools:latest .
FROM python:3.13-rc-bookworm
RUN set -x \
&& apt-get update \
&& apt-get install -y git
RUN set -x \
&& pip install pytest
RUN set -x \
&& git clone https://github.com/jasonish/py-idstools/ \
&& cd py-idstools \
&& git checkout 51aebc019b5f3132aa6d63b5dc3c17b03a2f5c8c \
&& PYTHONPATH=. pytest -Werror -v
CMD ["/bin/bash"]
I'm still gettting some "invalid escape sequence" with 51aebc0
#4 2.751 HEAD is now at 51aebc0 version: 0.6.5
#4 2.752 + PYTHONPATH=. pytest -Werror -v
#4 3.185 ============================= test session starts ==============================
#4 3.185 platform linux -- Python 3.13.0a1, pytest-7.4.3, pluggy-1.3.0 -- /usr/local/bin/python
#4 3.185 cachedir: .pytest_cache
#4 3.185 rootdir: /py-idstools
#4 3.185 collecting ... collected 33 items / 3 errors
#4 3.989
#4 3.989 ==================================== ERRORS ====================================
#4 3.989 _____________________ ERROR collecting tests/test_rule.py ______________________
#4 3.989 /usr/local/lib/python3.13/site-packages/_pytest/python.py:617: in _importtestmodule
#4 3.989 mod = import_path(self.path, mode=importmode, root=self.config.rootpath)
#4 3.989 /usr/local/lib/python3.13/site-packages/_pytest/pathlib.py:567: in import_path
#4 3.989 importlib.import_module(module_name)
#4 3.989 /usr/local/lib/python3.13/importlib/__init__.py:88: in import_module
#4 3.989 return _bootstrap._gcd_import(name[level:], package, level)
#4 3.989 <frozen importlib._bootstrap>:1381: in _gcd_import
#4 3.989 ???
#4 3.989 <frozen importlib._bootstrap>:1354: in _find_and_load
#4 3.989 ???
#4 3.989 <frozen importlib._bootstrap>:1325: in _find_and_load_unlocked
#4 3.989 ???
#4 3.989 <frozen importlib._bootstrap>:929: in _load_unlocked
#4 3.989 ???
#4 3.989 /usr/local/lib/python3.13/site-packages/_pytest/assertion/rewrite.py:177: in exec_module
#4 3.989 source_stat, co = _rewrite_test(fn, self.config)
#4 3.989 /usr/local/lib/python3.13/site-packages/_pytest/assertion/rewrite.py:359: in _rewrite_test
#4 3.989 tree = ast.parse(source, filename=strfn)
#4 3.989 /usr/local/lib/python3.13/ast.py:54: in parse
#4 3.989 return compile(source, filename, mode, flags,
#4 3.989 E File "/py-idstools/tests/test_rule.py", line 40
#4 3.989 E rule = idstools.rule.parse("""alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS Request to .in FakeAV Campaign June 19 2012 exe or zip"; flow:established,to_server; content:"setup."; fast_pattern:only; http_uri; content:".in|0d 0a|"; flowbits:isset,somebit; flowbits:unset,otherbit; http_header; pcre:"/\/[a-f0-9]{16}\/([a-z0-9]{1,3}\/)?setup\.(exe|zip)$/U"; pcre:"/^Host\x3a\s.+\.in\r?$/Hmi"; metadata:stage,hostile_download; reference:url,isc.sans.edu/diary/+Vulnerabilityqueerprocessbrittleness/13501; classtype:trojan-activity; sid:2014929; rev:1;)""")
#4 3.989 E ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
#4 3.989 E SyntaxError: invalid escape sequence '\/'
#4 3.989 ____________________ ERROR collecting tests/test_rulecat.py ____________________
#4 3.989 /usr/local/lib/python3.13/site-packages/_pytest/python.py:617: in _importtestmodule
#4 3.989 mod = import_path(self.path, mode=importmode, root=self.config.rootpath)
#4 3.989 /usr/local/lib/python3.13/site-packages/_pytest/pathlib.py:567: in import_path
#4 3.989 importlib.import_module(module_name)
#4 3.989 /usr/local/lib/python3.13/importlib/__init__.py:88: in import_module
#4 3.989 return _bootstrap._gcd_import(name[level:], package, level)
#4 3.989 <frozen importlib._bootstrap>:1381: in _gcd_import
#4 3.989 ???
#4 3.989 <frozen importlib._bootstrap>:1354: in _find_and_load
#4 3.989 ???
#4 3.989 <frozen importlib._bootstrap>:1325: in _find_and_load_unlocked
#4 3.989 ???
#4 3.989 <frozen importlib._bootstrap>:929: in _load_unlocked
#4 3.989 ???
#4 3.989 /usr/local/lib/python3.13/site-packages/_pytest/assertion/rewrite.py:186: in exec_module
#4 3.989 exec(co, module.__dict__)
#4 3.989 tests/test_rulecat.py:37: in <module>
#4 3.989 from idstools.scripts import rulecat
#4 3.989 idstools/scripts/rulecat.py:48: in <module>
#4 3.989 import idstools.suricata
#4 3.989 E File "/py-idstools/idstools/suricata.py", line 51
#4 3.989 E m = re.search("((\d+)\.(\d+)(\.(\d+))?(\w+)?)", str(buf).strip())
#4 3.989 E ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
#4 3.989 E SyntaxError: invalid escape sequence '\d'
#4 3.989 ___________________ ERROR collecting tests/test_suricata.py ____________________
#4 3.989 /usr/local/lib/python3.13/site-packages/_pytest/python.py:617: in _importtestmodule
#4 3.989 mod = import_path(self.path, mode=importmode, root=self.config.rootpath)
#4 3.989 /usr/local/lib/python3.13/site-packages/_pytest/pathlib.py:567: in import_path
#4 3.989 importlib.import_module(module_name)
#4 3.989 /usr/local/lib/python3.13/importlib/__init__.py:88: in import_module
#4 3.989 return _bootstrap._gcd_import(name[level:], package, level)
#4 3.989 <frozen importlib._bootstrap>:1381: in _gcd_import
#4 3.989 ???
#4 3.989 <frozen importlib._bootstrap>:1354: in _find_and_load
#4 3.989 ???
#4 3.989 <frozen importlib._bootstrap>:1325: in _find_and_load_unlocked
#4 3.989 ???
#4 3.989 <frozen importlib._bootstrap>:929: in _load_unlocked
#4 3.989 ???
#4 3.989 /usr/local/lib/python3.13/site-packages/_pytest/assertion/rewrite.py:186: in exec_module
#4 3.989 exec(co, module.__dict__)
#4 3.989 tests/test_suricata.py:36: in <module>
#4 3.989 from idstools import suricata
#4 3.989 E File "/py-idstools/idstools/suricata.py", line 51
#4 3.989 E m = re.search("((\d+)\.(\d+)(\.(\d+))?(\w+)?)", str(buf).strip())
#4 3.989 E ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
#4 3.989 E SyntaxError: invalid escape sequence '\d'
#4 3.989 =========================== short test summary info ============================
#4 3.989 ERROR tests/test_rule.py
#4 3.989 ERROR tests/test_rulecat.py
#4 3.989 ERROR tests/test_suricata.py
#4 3.989 !!!!!!!!!!!!!!!!!!! Interrupted: 3 errors during collection !!!!!!!!!!!!!!!!!!!!
#4 3.989 ============================== 3 errors in 0.80s ===============================
When running pytest without -Werror tests succeed, with some SyntaxWarning: invalid escape sequence
#7 2.873 + PYTHONPATH=. pytest -v
#7 3.240 ============================= test session starts ==============================
#7 3.240 platform linux -- Python 3.13.0a1, pytest-7.4.3, pluggy-1.3.0 -- /usr/local/bin/python
#7 3.240 cachedir: .pytest_cache
#7 3.240 rootdir: /py-idstools
#7 3.240 collecting ... collected 78 items
...
#7 8.365 =============================== warnings summary ===============================
#7 8.365 tests/test_rule.py:40
#7 8.365 /py-idstools/tests/test_rule.py:40: SyntaxWarning: invalid escape sequence '\/'
#7 8.365 rule = idstools.rule.parse("""alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS Request to .in FakeAV Campaign June 19 2012 exe or zip"; flow:established,to_server; content:"setup."; fast_pattern:only; http_uri; content:".in|0d 0a|"; flowbits:isset,somebit; flowbits:unset,otherbit; http_header; pcre:"/\/[a-f0-9]{16}\/([a-z0-9]{1,3}\/)?setup\.(exe|zip)$/U"; pcre:"/^Host\x3a\s.+\.in\r?$/Hmi"; metadata:stage,hostile_download; reference:url,isc.sans.edu/diary/+Vulnerabilityqueerprocessbrittleness/13501; classtype:trojan-activity; sid:2014929; rev:1;)""")
#7 8.365
#7 8.365 tests/test_rule.py:152
#7 8.365 /py-idstools/tests/test_rule.py:152: SyntaxWarning: invalid escape sequence '\/'
#7 8.365 rule_string = """alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET CURRENT_EVENTS Request to .in FakeAV Campaign June 19 2012 exe or zip"; flow:established,to_server; content:"setup."; fast_pattern:only; http_uri; content:".in|0d 0a|"; flowbits:isset,somebit; flowbits:unset,otherbit; http_header; pcre:"/\/[a-f0-9]{16}\/([a-z0-9]{1,3}\/)?setup\.(exe|zip)$/U"; pcre:"/^Host\x3a\s.+\.in\r?$/Hmi"; metadata:stage,hostile_download; reference:url,isc.sans.edu/diary/+Vulnerabilityqueerprocessbrittleness/13501; classtype:trojan-activity; sid:2014929; rev:1;)"""
#7 8.365
#7 8.365 tests/test_rule.py:172
#7 8.365 /py-idstools/tests/test_rule.py:172: SyntaxWarning: invalid escape sequence '\;'
#7 8.365 rule_string = u"""alert ip any any -> any any (msg:"TEST RULE\; and some"; content:"uid=0|28|root|29|"; tag:session,5,packets; classtype:bad-unknown; sid:10000000; rev:1;)"""
#7 8.365
#7 8.365 tests/test_rule.py:175
#7 8.365 /py-idstools/tests/test_rule.py:175: SyntaxWarning: invalid escape sequence '\;'
#7 8.365 self.assertEqual(rule.msg, "TEST RULE\; and some")
#7 8.365
#7 8.365 idstools/suricata.py:51
#7 8.365 /py-idstools/idstools/suricata.py:51: SyntaxWarning: invalid escape sequence '\d'
#7 8.365 m = re.search("((\d+)\.(\d+)(\.(\d+))?(\w+)?)", str(buf).strip())
#7 8.365
#7 8.365 -- Docs: https://docs.pytest.org/en/stable/how-to/capture-warnings.html
#7 8.365 ================== 76 passed, 2 skipped, 5 warnings in 5.13s ===================
from py-idstools.
jasonish
commented on June 20, 2024
Ah, missed actually testing with 3.13 as I typically don't bother with non-released versions, as I'm very much not in the Python world anymore. Looks like easy fixes I can get to soon.
from py-idstools.
marcindulak
commented on June 20, 2024
OK, the good thing is there is no need for new release, as SyntaxWarning: invalid escape sequence in Python 3.13 are still warnings and not errors.
from py-idstools.
jasonish
commented on June 20, 2024
Will re-open and fix in the near future. Thanks.
from py-idstools.
Related Issues (20)
- appStats u2 can't work HOT 1
- Bug: Multiple instances of rule options fields clobber eachother HOT 4
- Recent versions of Snort unified2 not supported. HOT 5
- Feature Request: ability to parse the source, destination, protocol using dictionary.
- SoolRecordReader stop working HOT 2
- eve2pcap.py fails with IPv6 addresses HOT 1
- python2-scapy as pkg dependency
- Connection with suricata-update HOT 2
- Coverting packets object to pcap file HOT 7
- Feature request: mutate metadata key value pairs
- Add .md5 extension between URL's filename and its parameters HOT 1
- Provide option for idstools-u2eve to reload sid-msg.map after updating sid-msg.map contents. HOT 1
- Unified2 Event Types mpls, vlan, and appid not included in u2eve output
- u2json event.appid output is in byte format and mangled
- Tests fail with python 3.11 HOT 1
- Rule parsing fails if last option doesn't close with semi-colon HOT 1
- memory usage increase issue HOT 3
- Wrong parsing of pcre and possibly others
- Invalid issue
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from py-idstools.