Hi Birger,
Thanks, I got a bit further now (after removing the python3-cerberus dependency). It stumbles on a test for the ShadowServer parser bot. It looks like a time zone hickup in the outcome comparison, see below. I'll try to debug it on my own.
Br, Mika
---
FAIL: test_event (intelmq.tests.bots.parsers.shadowserver.test_ddos_amplification.TestShadowserverParserBot) Test if correct Event has been produced. ---------------------------------------------------------------------- Traceback (most recent call last): File "/opt/imq_pkg_experimenting/intelmq/intelmq/tests/bots/parsers/shadowserver/test_ddos_amplification.py", line 91, in test_event self.assertMessageEqual(i, EVENT) File "/opt/imq_pkg_experimenting/intelmq/intelmq/lib/test.py", line 532, in assertMessageEqual self.assertDictEqual(expected, event_dict) AssertionError: {'__type': 'Event', 'feed.name': 'Amplifica[1211 chars]SSS'} != {'feed.name': 'Amplification DDoS Victim', [1211 chars]ent'} {'__type': 'Event', 'classification.identifier': 'amplification-ddos-victim', 'classification.taxonomy': 'availability', 'classification.type': 'ddos', 'destination.port': 13, 'extra.bytes': 2220, 'extra.count': 15, - 'extra.end_time': '2018-10-09T06:10:01+00:00', ? ^
+ 'extra.end_time': '2018-10-09T03:10:01+00:00', ? ^
'extra.public_source': 'SSS', 'extra.request': 'DAYTIME Request', 'extra.sector': 'IT1', 'extra.sensor_geo': 'RU', 'extra.tag': 'daytime', 'feed.name': 'Amplification DDoS Victim', 'protocol.transport': 'udp', 'raw': 'InRpbWVzdGFtcCIsImlwIiwicHJvdG9jb2wiLCJkc3RfcG9ydCIsInRhZyIsInNyY19wb3J0IiwiaG9zdG5hbWUiLCJhc24iLCJnZW8iLCJyZWdpb24iLCJjaXR5IiwibmFpY3MiLCJzaWMiLCJyZXF1ZXN0IiwiY291bnQiLCJieXRlcyIsInNlbnNvcl9nZW8iLCJzZWN0b3IiLCJlbmRfdGltZSIsInB1YmxpY19zb3VyY2UiCiIyMDE4LTEwLTA5IDA2OjAwOjA2IiwiMTkyLjAuMi4xMCIsInVkcCIsIjEzIiwiZGF5dGltZSIsIjUzIiwiMTkyLTAtMi0xMC5leGFtcGxlLm5ldCIsIjQ0Mzk1IiwiQU0iLCJZRVJFVkFOIiwiWUVSRVZBTiIsIjAiLCIwIiwiREFZVElNRSBSZXF1ZXN0IiwiMTUiLCIyMjIwIiwiUlUiLCJJVDEiLCIyMDE4LTEwLTA5IDA2OjEwOjAxIiwiU1NTIg==', 'source.asn': 44395, 'source.geolocation.cc': 'AM', 'source.geolocation.city': 'YEREVAN', 'source.geolocation.region': 'YEREVAN', 'source.ip': '192.0.2.10', 'source.port': 53, 'source.reverse_dns': '192-0-2-10.example.net', 'time.source': '2018-10-09T06:00:06+00:00'}
----------------------------------------------------------------------
----- Original Message ----- From: "Birger Schacht" schacht@cert.at To: "intelmq-dev" intelmq-dev@lists.cert.at Sent: Wednesday, 7 April, 2021 13:12:19 Subject: Re: [IntelMQ-dev] Generating the deb packages for intelmq 2.3.1
Hi,
On 4/7/21 11:56 AM, Mika Silander wrote:
Hi,
A quick one: how am I supposed to build the distribution packages of intelmq 2.3.1? I cloned the intelmq github repo, then:
git checkout maintenance cd debian
but then running e.g. "debuild -us -uc" first stumbles on python3-cerberus dependency missing and there's no package in Ubuntu 18.04 LTS for installing it. I can remove this dependency (it was only relevant for documenting, right?) but after that other errors surface like "no upstream tarball found ...".
Any hints as to where to look for solutions?
You can have a look at our github action, that automatically builds Debian packages: https://github.com/certtools/intelmq/blob/develop/.github/workflows/scripts/...
Basically you first install all the build dependencies with
apt-get build-dep -y .
Then you build the package using
dpkg-buildpackage -us -uc -b
cheers, Birger
Br, Mika
IntelMQ-dev mailing list https://lists.cert.at/cgi-bin/mailman/listinfo/intelmq-dev https://intelmq.readthedocs.io/