Closed ulysse31 closed 1 month ago
I can not reproduce. Can you please share a screenshot or a url link that i can maybe try to use/mimc on my own setup to try to reproduce ?
Hello,
I have right now two servers in which I installed the docker version of SELKS. Both have the issue : just create a suppress rule by clicking on the "cross" a matched destination ip :
Then go to the ruleset menu, go to the list of suppression rules :
And click on any suppression ID on the list :
The install steps are quite simple :
a/ Install necessary tools for key repo addition sudo apt install ca-certificates curl gnupg
b/ remove any existing docker package if present (does not match anything if fresh install) for pkg in docker.io docker-doc docker-compose podman-docker containerd runc; do sudo apt remove $pkg; done
c/ Install docker repo keys sudo install -m 0755 -d /etc/apt/keyrings curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg sudo chmod a+r /etc/apt/keyrings/docker.gpg echo \ "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \ "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \ sudo tee /etc/apt/sources.list.d/docker.list > /dev/null sudo apt update
d/ Install docker sudo apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin
e/ add docker rights to user sudo usermod -aG docker $USER && su $USER
git clone https://github.com/StamusNetworks/SELKS.git cd SELKS/docker/ ./easy-setup.sh --install-portainer --non-interactive -i bond1 --iA --restart-mode always --es-memory 64G sudo -E docker compose up -d
From what I quickly googled, this error seems to be related to python code and unprotected/unchecked variable usage.
Ok , understood - now i can reproduce it. We would push an update.
Hello,
Do you know when this bug will be corrected ? Not being able to edit/modify/suppress a created suppress rule is somewhat a blocking issue ^^' (Cannot remove at all a supress rule ...) Thanks a lot,
--
We should push a fix in the next day.
@ulysse31 - should be all set. All you need to do is : https://github.com/StamusNetworks/SELKS/wiki/Docker#upgrade-all-containers
Great ! Seems to work as it should ^^ Thanks a lot
Is there an existing issue for this?
Current Behavior
on a matched rule, you click a "cross" button to create a suppress rule from a destination ip. You then create a suppress rule, by clicking on the "Default Ruleset" and then submit. Then, once the supress rule was created, go to ruleset, and then click on the ID number of the suppress rule created on the suppress rule listing ... You'll get "Internal Server Error" on the django-error log file, you get :
Expected Behavior
showing the suppress rule info page, and be able from there to modify/delete the suppress rule.
Steps To Reproduce
Docker version
Docker version 27.0.3, build 7d4bcd8
Docker version
Docker Compose version v2.28.1
OS Version
Debian GNU/Linux 12 (bookworm)
Content of the environnement File
COMPOSE_PROJECT_NAME=selks INTERFACES= -i "SUPPRESSED" ELASTIC_MEMORY=64G SCIRIUS_SECRET_KEY="SUPPRESSED" PWD=${PWD}
Version of SELKS
commit 4af455cd15f69f2ba471fa6cd0b96d6aae6e93b9 (HEAD -> master, origin/master, origin/HEAD) Author: Peter Manev pmanev@stamus-networks.com Date: Thu Jun 13 13:18:18 2024 +0200
Anything else?
No response