[Snort-users] Fwd: Re: Snort IP blacklist issue (Pulledprok)

Shirkdog shirkdog at ...11827...
Thu Feb 4 12:45:28 EST 2016


Right, pulledpork can make the reasonable assumption that /tmp exists on a
UNIX like operating system :)
On Feb 4, 2016 12:26 PM, <wkitty42 at ...14940...> wrote:

>
>
> did you miss micolas' earlier post (below)... like 61 is one of those he
> changed ;)
>
> -------- Forwarded Message --------
> Subject:        Re: [Snort-users] Snort IP blacklist issue (Pulledprok)
> Date:   Thu, 4 Feb 2016 10:40:29 +0100
> From:   Nicolas Lepolard <Nicolas.Lepolard at ...17447...>
> To:     Shirkdog <shirkdog at ...11827...>
> CC:     snort-users at lists.sourceforge.net
>
>
>
> Hi,
>
> Thank you for your reply !
>
> I have checked and I think my config is OK. Here, are the variables that I
> have
> modified in my pulledpork.conf file :
>
> Line19
>   rule_url=https://www.snort.org/reg_rules/|snortrules-snapshot.tar.gz|<my
> oinkcode>
> Line 26        rule_url=https://www.snort.org/reg-rules/|opensource.gz|<my
> oinkcode>
> Line 61        temp_path=/opt/snort/tmp (I have changed  the path cause it
> didn't worked with /tmp, the permissions are OK)
> Line 74        rule_path=/etc/snort/rules/snort.rules
> Line 89        local_rules=/etc/snort/rules/local.rules
> Line 92        sid_msg=/etc/snort/sid-msg.map
> Line 96        sid_msg_version=2
> Line 119        config_path=/etc/snort/snort.conf
> Line 133        distro=Debian-6.0
> Line 141 black_list=/etc/snort/rules/iplists/black_list.rules
> Line 150        IPRVersion=/etc/snort/rules/iplists
>
> Thank for your help.
>
> Best regards
>
> Nicolas
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20160204/3085fe5e/attachment.html>


More information about the Snort-users mailing list