Hi. I couldn't find this issue in the forums so I am reporting here with a possible fix. I am testing OPNsense 18.1.r1, which has Suricata 4.0.3. When using the GUI to check the rules the system reports:
configd.py: [53df30fd-d29a-4b39-98f9-3dd8c2171b76] Script action failed with Command '/usr/local/opnsense/scripts/suricata/queryInstalledRules.py /limit '10' /offset '0' /filter '' /sort_by 'sid'' returned non-zero exit status 1
While debugging the issue I found that the queryInstalledRules.py imports update_params from lib.params which doesn't exist. I patched the code to:
import ujson
from lib.rulecache import RuleCache
#from lib.params import update_params
import sys
sys.path.insert(0, "/usr/local/opnsense/site-python")
from params import update_params
which seems to work.
I couldn't find a bug reporter for the 18.1 series so I am posting here the fix so far.
Regards,
nas7
Just found a similar error with listAlertLogs.py. Patched code as:
import datetime
from lib import suricata_alert_log
#from lib.log import reverse_log_reader
import sys
sys.path.insert(0, "/usr/local/opnsense/site-python")
from log_helper import reverse_log_reader
Seems to work now also.
Hi nas7,
Thank you for your report. Fixed via:
https://github.com/opnsense/core/commit/921b54d4f
Cheers,
Franco