From: "R. W. Rodolico" <rodo@dailydata.net>
To: development@lists.ipfire.org
Subject: Bug report - Snort
Date: Sat, 25 Oct 2014 22:21:49 -0500 [thread overview]
Message-ID: <544C68CD.70505@dailydata.net> (raw)
[-- Attachment #1: Type: text/plain, Size: 1931 bytes --]
Occurs in at least Core Update 84 and 85. When setting up Snort, and
choosing 'Sourcefire VRT rules for registered users', the following
error comes up. This is with a valid oinkcode which I've replaced below
with xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.:
======================================================================
--2014-10-25 21:50:26--
http://www.snort.org/reg-rules/snortrules-snapshot-2960.tar.gz/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Resolving www.snort.org (www.snort.org)... 50.19.124.119,
54.225.152.149, 54.243.242.66
Connecting to www.snort.org (www.snort.org)|50.19.124.119|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location:
https://www.snort.org/reg-rules/snortrules-snapshot-2960.tar.gz/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
[following]
--2014-10-25 21:50:26--
https://www.snort.org/reg-rules/snortrules-snapshot-2960.tar.gz/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Connecting to www.snort.org (www.snort.org)|50.19.124.119|:443... connected.
WARNING: cannot verify www.snort.org's certificate, issued by
'/C=US/O=Thawte, Inc./CN=Thawte SSL CA':
Self-signed certificate encountered.
HTTP request sent, awaiting response... 422 Unprocessable Entity
2014-10-25 21:50:26 ERROR 422: Unprocessable Entity.
======================================================================
Visiting the URL's individually (with the oinkcode) results in the error
message:
["File not found by name 'snortrules-snapshot-2960.tar.gz'"]
These entries appear to be hard coded on line 265 of ids.cgi
(/srv/web/ipfire/cgi-bin/ids.cgi)
Updating with "Snort/VRT GPLv2 Community Rules" and "Emergingtrheats.net
Community Rules" appear to work (I was not able to test the
"Subscription" set since I do not have a subscription.
Rod
--
"Rod" Rodolico
Daily Data, Inc.
POB 140465
Dallas TX 75214-0465
214.827.2170
http://www.dailydata.net
next reply other threads:[~2014-10-26 3:21 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-26 3:21 R. W. Rodolico [this message]
2014-10-28 0:45 ` Michael Tremer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=544C68CD.70505@dailydata.net \
--to=rodo@dailydata.net \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox