[Snort-users] pulledpork config two different error messages

Flo Flo.Matuschek at ...5689...
Thu Jan 1 08:12:47 EST 2015


Hi Forum Users,


my Problem is with Snort in the Version 2.9.7.0 and I this try to 
Install this with:

Setup Guide: „Snort 2.9.6.2 on Ubuntu 12 LTS and 14 LTS“(from the Site: 
www.snort.org <http://www.snort.org/>)

I'm about the Chapter 11 with the headline „Rulesets and a Snort Code“.


After editing the „/etc/snort/pulledpork.conf“ like the guide,I run 
following command:
sudo /usr/local/bin/pulledpork.pl -c /etc/snort/pulledpork.conf -l


Now I get the error message:

Checking latest MD5 for snortrules -2970.tar.gz.....

Error 422 when fetching https://www.snort.org/ 
<https://www.snort.org/reg-rules/snortrules-snapshot-2970.tar.gz.md5>reg-rules/snortrules-snapshot-2970.tar.gz.md5 
<https://www.snort.org/reg-rules/snortrules-snapshot-2970.tar.gz.md5> at 
/usr/local/bin/pulledpork.pl line 463

main::md5file('<XXX>', 'snortrules – snapshot-2970-tar.gz' ,' /tmp/' , 
'https://www.snort.org/reg-rules/') called at 
/usr/local/bin/pulledpork.pl line 1847


Now I found following text more times:

„So, once it is working on the snort.org<http://snort.org/> website, the 
new rule_url line should be as you specified below, with no |, ignoring 
the rules specified?“

So I removed the Pipe- Symbols in the three lines with insert my <oinkcode>.

Then
the upper errormessage disappeared but a new come in additon:

„You need to define an oinkcode, please review the rule_url section of the
pulledpork config file! “at /usr/local/bin/pulledpork.pl line 1801.

What can I do now? My search hours are not sucessful.
Thanks!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150101/c7646504/attachment.html>


More information about the Snort-users mailing list