Snort mailing list archives

Previous By Date Next
Previous By Thread Next

pulledpork not retrieving reg rules

From: Roland RoLaNd <r_o_l_a_n_d () hotmail com>
Date: Thu, 10 Oct 2013 11:52:38 +0200
All,
i configured pulledpork.conf as such:
black_list=/usr/local/etc/snort/rules/iplists/default.blacklistconfig_path=/etc/snort/snort.confdisablesid=/etc/snort/disablesid.confdistro=Debian-7-1enablesid=/etc/snort/enablesid.confignore=deleted.rules,experimental.rules,local.rulesIPRVersion=/usr/local/etc/snort/rules/iplistslocal_rules=/etc/snort/rules/local.rulesmodifysid=/etc/snort/modifysid.confpid_path=/var/run/snort_eth0.pidpid_path=/var/run/snort_eth3.pidrule_path=/etc/snort/rules/snort.rulesrule_url=http://labs.snort.org/feeds/ip-filter.blf|IPBLACKLIST|openrule_url=https://www.snort.org/reg-rules/|snortrules-snapshot.tar.gz|myoinkcodesid_changelog=/var/log/sid_changes.logsid_msg=/etc/snort/sid-msg.mapsid_msg_version=1snort_control=/usr/local/bin/snort_controlsnort_path=/usr/sbin/snortsnort_version=2.9.2.2-3sorule_path=/usr/local/lib/snort_dynamicrules/temp_path=/tmpversion=0.7.0

When i run try updating:
 pulledpork.pl -c /etc/snort/pulledpork.conf -T -l
    http://code.google.com/p/pulledpork/      _____ ____     `----,\    )      `--==\\  /    PulledPork v0.7.0 - Swine 
Flu!       `--==\\/     .-~~~~-.Y|\\_  Copyright (C) 2009-2013 JJ Cummings  @_/        /  66\_  cummingsj () gmail com  
  |    \   \   _(")     \   /-| ||'--'  Rules give me wings!      \_\  \_\\ 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Checking latest MD5 for snortrules-snapshot-2922-3.tar.gz....   A 403 error occurred, please wait for the 15 minute 
timeout     to expire before trying again or specify the -n runtime switch  You may also wish to verfiy your oinkcode, 
tarball name, and other configuration options        Error 403 when fetching 
https://www.snort.org/reg-rules/snortrules-snapshot-2922-3.tar.gz.md5 at /usr/local/bin/pulledpork.pl line 463  
main::md5file('myoinkcode', 'snortrules-snapshot-2922-3.tar.gz', '/tmp/', 'https://www.snort.org/reg-rules/&apos;) called at 
/usr/local/bin/pulledpork.pl line 1847


PS: visiting https://www.snort.org/reg-rules/snortrules-snapshot-2922-3.tar.gz/myoinkcode in a browser returns the 
following:Snort.org Rule Pack Download Error:
      --------------------------
      Subscription: false
      --------------------------
      No rule pack with this filename is available to you.
      --------------------------

Am i using the wrong url to retrieve 30 days old rules?
                                          
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60134071&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: