[Snort-users] TR: Problem with snort VRT rules

PNR INFORMATIQUE pnrinformatique at aerco-cg.com
Sat Sep 9 18:05:13 EDT 2017


Hi everyone!

 

I need help (see message in red). I do not know how to solve the problem.
Note that snort service is still down.

 

Snort Download packets starts here:

 

>>> Upgrading pfSense-pkg-snort... 

Updating pfSense-core repository catalogue...

pfSense-core repository is up to date.

Updating pfSense repository catalogue...

pfSense repository is up to date.

All repositories are up to date.

Checking integrity... done (0 conflicting)

The following 1 package(s) will be affected (of 0 checked):

 

Installed packages to be REINSTALLED:

                pfSense-pkg-snort-3.2.9.5 [pfSense]

 

Number of packages to be reinstalled: 1

[1/1] Reinstalling pfSense-pkg-snort-3.2.9.5...

[1/1] Extracting pfSense-pkg-snort-3.2.9.5: .......... done

Removing snort components...

Menu items... done.

Services... done.

Loading package instructions...

Saving updated package information...

overwrite!

Loading package configuration... done.

Configuring package components...

Loading package instructions...

Custom commands...

Executing custom_php_install_command()...Saved settings detected.

Migrating settings to new configuration... done.

Downloading Snort VRT rules md5 file... FAILED!

Snort VRT rules md5 error ... Server returned error code 422 ...

Snort VRT rules will not be updated.

Server returned error code 422.

Downloading Snort OpenAppID detectors md5 file... done.

Checking Snort OpenAppID detectors md5 file... done.

There is a new set of Snort OpenAppID detectors posted.

Downloading snort-openappid.tar.gz... done.

Downloading Snort OpenAppID RULES detectors md5 file... done.

Checking Snort OpenAppID RULES detectors md5 file... done.

There is a new set of Snort OpenAppID RULES detectors posted.

Downloading appid_rules.tar.gz... done.

Downloading Snort GPLv2 Community Rules md5 file... done.

Checking Snort GPLv2 Community Rules md5 file... done.

There is a new set of Snort GPLv2 Community Rules posted.

Downloading community-rules.tar.gz... done.

Downloading Emerging Threats Open rules md5 file... done.

Checking Emerging Threats Open rules md5 file... done.

There is a new set of Emerging Threats Open rules posted.

Downloading emerging.rules.tar.gz... done.

Installing Snort OpenAppID detectors...Copying md5 signature to snort
directory... done.

Installing Snort OpenAppID RULES detectors...Copying md5 signature to snort
directory... done.

Installing Snort GPLv2 Community Rules... done.

Installing Emerging Threats Open rules...Copying md5 signature to snort
directory... done.

Updating rules configuration for: LAN ... done.

Updating rules configuration for: WAN ... done.

Cleaning up temp dirs and files... done.

The Rules update has finished.

Generating snort.conf configuration file from saved settings.

Generating configuration for LAN...

done.

Generating configuration for WAN...

done.

Generating snort.sh script in /usr/local/etc/rc.d/... done.

Finished rebuilding Snort configuration files.

done.

Executing custom_php_resync_config_command()...

 

done.

Menu items... done.

Services... done.

Writing configuration... done.

Please visit Services - Snort - Interfaces tab first and select your desired
rules. Afterwards visit the Updates tab to download your configured
rulesets.Message from pfSense-pkg-snort-3.2.9.5:

Please visit Services - Snort - Interfaces tab first to add an interface,
then select your desired rules packages at the Services - Snort - Global
tab. Afterwards visit the Updates tab to download your configured rulesets.

>>> Cleaning up cache... done.

Success

 

De : PNR INFORMATIQUE [mailto:pnrinformatique at aerco-cg.com] 
Envoyé : vendredi 1 septembre 2017 21:15
À : 'snort-users at lists.snort.org' <snort-users at lists.snort.org>
Cc : 'kdiminat at edge-airport-africa.com' <kdiminat at edge-airport-africa.com>
Objet : Problem with snort VRT rules

 

Hi everyone!

 

I need help (see message in yellow). I do not know how to solve the problem.
Note that snort service is still down.

 

Snort Download packets starts here:

 

>>> Installing pfSense-pkg-snort... 

Updating pfSense-core repository catalogue...

pfSense-core repository is up to date.

Updating pfSense repository catalogue...

pfSense repository is up to date.

All repositories are up to date.

Checking integrity... done (0 conflicting)

The following 1 package(s) will be affected (of 0 checked):

 

New packages to be INSTALLED:

                pfSense-pkg-snort: 3.2.9.5 [pfSense]

 

Number of packages to be installed: 1

[1/1] Installing pfSense-pkg-snort-3.2.9.5...

[1/1] Extracting pfSense-pkg-snort-3.2.9.5: .......... done

Saving updated package information...

done.

Loading package configuration... done.

Configuring package components...

Loading package instructions...

Custom commands...

Executing custom_php_install_command()...Saved settings detected.

Migrating settings to new configuration... done.

Downloading Snort VRT rules md5 file... FAILED!

Snort VRT rules md5 error ... Server returned error code 422 ...

Snort VRT rules will not be updated.

Server returned error code 422.

Downloading Snort OpenAppID detectors md5 file... done.

Checking Snort OpenAppID detectors md5 file... done.

There is a new set of Snort OpenAppID detectors posted.

Downloading snort-openappid.tar.gz... done.

Downloading Snort OpenAppID RULES detectors md5 file... done.

Checking Snort OpenAppID RULES detectors md5 file... done.

There is a new set of Snort OpenAppID RULES detectors posted.

Downloading appid_rules.tar.gz... done.

Downloading Snort GPLv2 Community Rules md5 file... done.

Checking Snort GPLv2 Community Rules md5 file... done.

There is a new set of Snort GPLv2 Community Rules posted.

Downloading community-rules.tar.gz... done.

Downloading Emerging Threats Open rules md5 file... done.

Checking Emerging Threats Open rules md5 file... done.

There is a new set of Emerging Threats Open rules posted.

Downloading emerging.rules.tar.gz... done.

Installing Snort OpenAppID detectors...Copying md5 signature to snort
directory... done.

Installing Snort OpenAppID RULES detectors...Copying md5 signature to snort
directory... done.

Installing Snort GPLv2 Community Rules... done.

Installing Emerging Threats Open rules...Copying md5 signature to snort
directory... done.

Updating rules configuration for: LAN ... done.

Updating rules configuration for: WAN ... done.

Cleaning up temp dirs and files... done.

The Rules update has finished.

Generating snort.conf configuration file from saved settings.

Generating configuration for LAN...

done.

Generating configuration for WAN...

done.

Generating snort.sh script in /usr/local/etc/rc.d/... done.

Finished rebuilding Snort configuration files.

done.

Executing custom_php_resync_config_command()...

 

done.

Menu items... done.

Services... done.

Writing configuration... done.

Please visit Services - Snort - Interfaces tab first and select your desired
rules. Afterwards visit the Updates tab to download your configured
rulesets.Message from pfSense-pkg-snort-3.2.9.5:

Please visit Services - Snort - Interfaces tab first to add an interface,
then select your desired rules packages at the Services - Snort - Global
tab. Afterwards visit the Updates tab to download your configured rulesets.

>>> Cleaning up cache... done.

Success

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20170909/5304c2d1/attachment.html>


More information about the Snort-users mailing list