[IntelMQ-dev] Generating the deb packages for intelmq 2.3.1
Mika Silander
mika.silander at csc.fi
Wed Apr 7 12:38:04 CEST 2021
Hi Birger,
Thanks, I got a bit further now (after removing the python3-cerberus dependency). It stumbles on
a test for the ShadowServer parser bot. It looks like a time zone hickup in the outcome comparison,
see below. I'll try to debug it on my own.
Br, Mika
---
FAIL: test_event (intelmq.tests.bots.parsers.shadowserver.test_ddos_amplification.TestShadowserverParserBot)
Test if correct Event has been produced.
----------------------------------------------------------------------
Traceback (most recent call last):
File "/opt/imq_pkg_experimenting/intelmq/intelmq/tests/bots/parsers/shadowserver/test_ddos_amplification.py", line 91, in test_event
self.assertMessageEqual(i, EVENT)
File "/opt/imq_pkg_experimenting/intelmq/intelmq/lib/test.py", line 532, in assertMessageEqual
self.assertDictEqual(expected, event_dict)
AssertionError: {'__type': 'Event', 'feed.name': 'Amplifica[1211 chars]SSS'} != {'feed.name': 'Amplification DDoS Victim', [1211 chars]ent'}
{'__type': 'Event',
'classification.identifier': 'amplification-ddos-victim',
'classification.taxonomy': 'availability',
'classification.type': 'ddos',
'destination.port': 13,
'extra.bytes': 2220,
'extra.count': 15,
- 'extra.end_time': '2018-10-09T06:10:01+00:00',
? ^
+ 'extra.end_time': '2018-10-09T03:10:01+00:00',
? ^
'extra.public_source': 'SSS',
'extra.request': 'DAYTIME Request',
'extra.sector': 'IT1',
'extra.sensor_geo': 'RU',
'extra.tag': 'daytime',
'feed.name': 'Amplification DDoS Victim',
'protocol.transport': 'udp',
'raw': 'InRpbWVzdGFtcCIsImlwIiwicHJvdG9jb2wiLCJkc3RfcG9ydCIsInRhZyIsInNyY19wb3J0IiwiaG9zdG5hbWUiLCJhc24iLCJnZW8iLCJyZWdpb24iLCJjaXR5IiwibmFpY3MiLCJzaWMiLCJyZXF1ZXN0IiwiY291bnQiLCJieXRlcyIsInNlbnNvcl9nZW8iLCJzZWN0b3IiLCJlbmRfdGltZSIsInB1YmxpY19zb3VyY2UiCiIyMDE4LTEwLTA5IDA2OjAwOjA2IiwiMTkyLjAuMi4xMCIsInVkcCIsIjEzIiwiZGF5dGltZSIsIjUzIiwiMTkyLTAtMi0xMC5leGFtcGxlLm5ldCIsIjQ0Mzk1IiwiQU0iLCJZRVJFVkFOIiwiWUVSRVZBTiIsIjAiLCIwIiwiREFZVElNRSBSZXF1ZXN0IiwiMTUiLCIyMjIwIiwiUlUiLCJJVDEiLCIyMDE4LTEwLTA5IDA2OjEwOjAxIiwiU1NTIg==',
'source.asn': 44395,
'source.geolocation.cc': 'AM',
'source.geolocation.city': 'YEREVAN',
'source.geolocation.region': 'YEREVAN',
'source.ip': '192.0.2.10',
'source.port': 53,
'source.reverse_dns': '192-0-2-10.example.net',
'time.source': '2018-10-09T06:00:06+00:00'}
----------------------------------------------------------------------
----- Original Message -----
From: "Birger Schacht" <schacht at cert.at>
To: "intelmq-dev" <intelmq-dev at lists.cert.at>
Sent: Wednesday, 7 April, 2021 13:12:19
Subject: Re: [IntelMQ-dev] Generating the deb packages for intelmq 2.3.1
Hi,
On 4/7/21 11:56 AM, Mika Silander wrote:
> Hi,
>
> A quick one: how am I supposed to build the distribution packages of intelmq 2.3.1?
> I cloned the intelmq github repo, then:
>
> git checkout maintenance
> cd debian
>
> but then running e.g. "debuild -us -uc" first stumbles on python3-cerberus dependency missing and
> there's no package in Ubuntu 18.04 LTS for installing it. I can remove this dependency (it was only
> relevant for documenting, right?) but after that other errors surface like "no upstream tarball found ...".
>
> Any hints as to where to look for solutions?
You can have a look at our github action, that automatically builds
Debian packages:
https://github.com/certtools/intelmq/blob/develop/.github/workflows/scripts/debian-package.sh
Basically you first install all the build dependencies with
> apt-get build-dep -y .
Then you build the package using
> dpkg-buildpackage -us -uc -b
cheers,
Birger
>
> Br, Mika
>
>
> _______________________________________________
> IntelMQ-dev mailing list
> https://lists.cert.at/cgi-bin/mailman/listinfo/intelmq-dev
> https://intelmq.readthedocs.io/
>
--
// Birger Schacht <schacht at cert.at>
// CERT Austria - https://www.cert.at/
// Eine Initiative der nic.at GmbH - https://www.nic.at/
// Firmenbuchnummer 172568b, LG Salzburg
_______________________________________________
IntelMQ-dev mailing list
https://lists.cert.at/cgi-bin/mailman/listinfo/intelmq-dev
https://intelmq.readthedocs.io/
More information about the IntelMQ-dev
mailing list