Snort mailing list archives

Re: so_rules are not processed by pulledpork underFreeBSD 9.1
From: "Seth Dunn" <seth () d2ms com>
Date: Thu, 9 May 2013 10:16:04 -0400

Hmm...
I am running my Snort and PP config under Windows 2008
I had a similar issue to getting PP to run as you are having now....
I tracked mine through adding in comments in the Pulledpork.pl file to give me output as to where it was at in the script, as well as what variables it was working with at the time it croaked.

For me, I had to tell Perl to ignore folders in my Temp directory where the rules are extracted to.
So I told PERL to ignore folders '.', '..' and 'so_'
If I did not ignore those, for whatever reason PERL would hang on them and not be able to process the rules/script properly.

If you like, you can view my progress on this post here (but remember this is a Windows box):
http://www.winsnort.com/index.php?name=PNphpBB2&file=viewtopic&t=1271&postdays=0&postorder=asc



-----Original Message-----
From: C. L. Martinez [mailto:carlopmart () gmail com] 
Sent: Thursday, May 09, 2013 10:02 AM
To: Seth Dunn
Cc: snort-users () lists sourceforge net
Subject: Re: [Snort-users] so_rules are not processed by pulledpork underFreeBSD 9.1

On Thu, May 9, 2013 at 2:00 PM, Seth Dunn <seth () d2ms com> wrote:
> Ok, so /so_rules/ is present
> What about /rules/
> Cause it appears that it is trying to work within that directory.
> /data/config/etc/idpsnort01/rules/


Correct, and this directory exists ...

root () plzfnsm01:/tmp# ls -la /data/config/etc/idpsnort01/rules/
total 8
drwxr-xr-x  2 root  wheel  2560 May  9 13:55 .
drwxr-xr-x  5 root  wheel   512 May  9 13:55 ..