[Snort-users] Fwd: Re: Snort IP blacklist issue (Pulledprok)

wkitty42 at ...14940... wkitty42 at ...14940...
Thu Feb 4 12:26:11 EST 2016



did you miss micolas' earlier post (below)... like 61 is one of those he changed ;)

-------- Forwarded Message --------
Subject: 	Re: [Snort-users] Snort IP blacklist issue (Pulledprok)
Date: 	Thu, 4 Feb 2016 10:40:29 +0100
From: 	Nicolas Lepolard <Nicolas.Lepolard at ...17447...>
To: 	Shirkdog <shirkdog at ...11827...>
CC: 	snort-users at lists.sourceforge.net



Hi,

Thank you for your reply !

I have checked and I think my config is OK. Here, are the variables that I have
modified in my pulledpork.conf file :

Line19
   rule_url=https://www.snort.org/reg_rules/|snortrules-snapshot.tar.gz|<my 
oinkcode>
Line 26        rule_url=https://www.snort.org/reg-rules/|opensource.gz|<my oinkcode>
Line 61        temp_path=/opt/snort/tmp (I have changed  the path cause it
didn't worked with /tmp, the permissions are OK)
Line 74        rule_path=/etc/snort/rules/snort.rules
Line 89        local_rules=/etc/snort/rules/local.rules
Line 92        sid_msg=/etc/snort/sid-msg.map
Line 96        sid_msg_version=2
Line 119        config_path=/etc/snort/snort.conf
Line 133        distro=Debian-6.0
Line 141 black_list=/etc/snort/rules/iplists/black_list.rules
Line 150        IPRVersion=/etc/snort/rules/iplists

Thank for your help.

Best regards

Nicolas





More information about the Snort-users mailing list