Control: fixed 853154 suricata/1:7.0.10-1 Hi everybody, some time passed since the last post in this bug thread.
I did some tests and I think this is fixed now since Suricata 7.x released as 1:7.0.10-1 in Debian trixie:
``` # In suricata/1:7.0.10-1 on Debian trixie $ grep "default-rule-path" -A3 /etc/suricata/suricata.yaml default-rule-path: /var/lib/suricata/rules rule-files: - suricata.rules ```According to the upstream git, the rule path is changed in commit 9d7a497, which was released as Suricata 7.0.0-beta1 [1].
Suricata 7.x will load properly (assuming the interface config is correct), it claims about not having rules in /var/lib/suricata/rules/suricata.rules, but starting successfully though.
``` $ suricata --af-packet i: suricata: This is Suricata version 7.0.10 RELEASE running in SYSTEM modeW: detect: No rule files match the pattern /var/lib/suricata/rules/suricata.rules
W: detect: 1 rule files specified, but no rules were loaded!W: af-packet: eth0: AF_PACKET tpacket-v3 is recommended for non-inline operation
i: threads: Threads created -> W: 10 FM: 1 FR: 1 Engine started. ^Ci: suricata: Signal Received. Stopping engine. i: device: eth0: packets: 0, drops: 0 (0.00%), invalid chksum: 0 $ echo $? 0 ```When running `suricata-update` after that, it successfully downloads the rules and loads them properly. So I think this bug can be considered as fixed now.
If there are no objections, I would close it in a few weeks. Thanks and best regards! Andreas[1] https://github.com/OISF/suricata/commit/9d7a497cc168cf3917c1fd7b68daf0fb27e22722
OpenPGP_0xD74D4EE0580CA4FC.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
