suricata_check.rule

Wrapper around idstools.rule.Rule for future removal of idstools dependency.

Exceptions

ParsingError

Raised when a rule cannot be parsed by suricata-check.

Classes

Rule	Wrapper around an suricata_check.rule.Rule in preparation for dropping the idstools dependency.

Functions

parse(→ Optional[Rule])

Parse a rule string using the underlying idstools parser.

Module Contents

exception suricata_check.rule.ParsingError(message: str)

Bases: RuntimeError

Raised when a rule cannot be parsed by suricata-check.

Most likely, such a rule is also an invalid Suricata rule.

Initializes the ParsingError with the raw rule as message.

class suricata_check.rule.Rule(inner: idstools.rule.Rule | None)

Wrapper around an suricata_check.rule.Rule in preparation for dropping the idstools dependency.

Create a wrapper around an existing suricata_check.rule.Rule.

Parameters

inner:

The parsed rule object from suricata_check.rule.parse() or None.

__contains__(key: str) → bool

Return True when the underlying rule contains key.

__getitem__(key: str)

Forward mapping access to the underlying rule.

Raises KeyError when no underlying rule is present.

__repr__() → str

Return representation of the wrapped rule (or ‘None’).

get(key: str, default: object | None = None)

Return the value for key if present, otherwise default.

property inner: idstools.rule.Rule | None

Return the underlying parsed rule object (or None).

suricata_check.rule.parse(text: str | None) → Rule | None

Parse a rule string using the underlying idstools parser.

Return a wrapped Rule instance.

Returns None when the text could not be parsed as a rule.