Snort mailing list archives

Re: Error 422 when fetching https://www.snort.org/reg-rules/opensource.gz.md5

From: "Michael Steele" <michaels () winsnort com>
Date: Fri, 18 Jul 2014 07:53:22 -0400

What's with all the extension problems: .tar - .gz - .tar.gz is there no
standard. Maybe just .zip them, now I'm confused.

 

Best regards,

Michael...

 

WINSNORT.com Management.

--

****************** Established ~ 2001 *******************

*          Visit Us @  <http://www.winsnort.com/> http://www.winsnort.com
*

*      ~~ FREE WinIDS Snort installation guides ~~      *

*               ~~ FREE support forums ~~               *

* Snort: Open Source Network IDS -  <http://www.snort.org/>
http://www.snort.org *

*********************************************************

 

From: Anshuman Anil Deshmukh [mailto:anshuman () cybage com] 
Sent: Friday, July 18, 2014 7:21 AM
To: snort-users mailinglist
Subject: [Snort-users] Error 422 when fetching
https://www.snort.org/reg-rules/opensource.gz.md5

 

Hi,

 

Till yesterday we were able to download the rules, but again we have started
same issue of opensource.gz which was seen last week. Is it broken again?

 

    http://code.google.com/p/pulledpork/

      _____ ____

     `----,\    )

      `--==\\  /    PulledPork v0.7.0 - Swine Flu!

       `--==\\/

     .-~~~~-.Y|\\_  Copyright (C) 2009-2013 JJ Cummings

  @_/        /  66\_  cummingsj () gmail com <mailto:cummingsj () gmail com> 

    |    \   \   _(")

     \   /-| ||'--'  Rules give me wings!

      \_\  \_\\

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Use of uninitialized value $Value in pattern match (m//) at pulledpork.pl
line 108, <CONFIG> line 176.

Config File Variable Debug
/etc/pulledpork070/pulledpork-0.7.0/etc/pulledpork.conf

                snort_path = /usr/sbin/snort

                black_list = /etc/snort/rules/default.blacklist

                pid_path = /var/run/snort_eth2.pid,/var/run/barnyard2.pid

                IPRVersion = /etc/snort/rules/default.blacklist

                rule_path = /etc/snort/rules/snort.rules

                ignore = deleted.rules,experimental.rules,local.rules

                rule_url = ARRAY(0x1718208)

                snort_version = 2.9.6.1

                sid_msg_version = 1

                sid_changelog = /var/log/sid_changes.log

                sid_msg = /etc/snort/sid-msg.map

                backup_file = /tmp/pp070_backup

                config_path = /etc/snort/snort.conf

                temp_path = /etc/snort/tmp/

                distro = Centos-5-4

                version = 0.7.0

                sorule_path = /usr/local/lib/snort_dynamicrules/

                disablesid =
/etc/pulledpork070/pulledpork-0.7.0/etc/disablesid.conf

MISC (CLI and Autovar) Variable Debug:

                Process flag specified!

                arch Def is: x86-64

                Config Path is:
/etc/pulledpork070/pulledpork-0.7.0/etc/pulledpork.conf

                Distro Def is: Centos-5-4

                security policy specified

                Rules file is: /etc/snort/rules/snort.rules

                Path to disablesid file:
/etc/pulledpork070/pulledpork-0.7.0/etc/disablesid.conf

                sid changes will be logged to: /var/log/sid_changes.log

                sid-msg.map Output Path is: /etc/snort/sid-msg.map

                Snort Version is: 2.9.6.1

                Snort Config File: /etc/snort/snort.conf

                Snort Path is: /usr/sbin/snort

                SO Output Path is: /usr/local/lib/snort_dynamicrules/

                Will process SO rules

                Extra Verbose Flag is Set

                Verbose Flag is Set

                Base URL is:
https://www.snort.org/reg-rules/|snortrules-snapshot.tar.gz|
<https://www.snort.org/reg-rules/|snortrules-snapshot.tar.gz|%3cMy> <My
oinkcode> https://www.snort.org/reg-rules/|opensource.gz|
<https://www.snort.org/reg-rules/|opensource.gz|%3cmy> <my
oinkcode>https://rules.emergingthreats.net/|emerging.rules.tar.gz|open
https://s3.amazonaws.com/snort-org/www/rules/community/|community-rules.tar.
gz|Community http://labs.snort.org/feeds/ip-filter.blf|IPBLACKLIST|open

Checking latest MD5 for snortrules-snapshot-2961.tar.gz....

                Fetching md5sum for: snortrules-snapshot-2961.tar.gz.md5

** GET https://www.snort.org/reg-rules/snortrules-snapshot-2961.tar.gz.md5/
<https://www.snort.org/reg-rules/snortrules-snapshot-2961.tar.gz.md5/%3cmy>
<my oinkcode> ==> 200 OK (1s)

                most recent rules file digest:
de702f3cf2442d6736c678f58a834cef

                current local rules file  digest:
de702f3cf2442d6736c678f58a834cef

                The MD5 for snortrules-snapshot-2961.tar.gz matched
de702f3cf2442d6736c678f58a834cef

 

Checking latest MD5 for opensource.gz....

                Fetching md5sum for: opensource.gz.md5

** GET https://www.snort.org/reg-rules/opensource.gz.md5/
<https://www.snort.org/reg-rules/opensource.gz.md5/%3cmy> <my oinkcode> ==>
422 Unprocessable Entity (1s)

                Error 422 when fetching
https://www.snort.org/reg-rules/opensource.gz.md5 at pulledpork.pl line 463

                main::md5file('<my oinkcode>', 'opensource.gz',
'/etc/snort/tmp/', 'https://www.snort.org/reg-rules/&apos;) called at
pulledpork.pl line 1847

 

 

Regards,

Anshuman




"Legal Disclaimer: This electronic message and all contents contain
information from Cybage Software Private Limited which may be privileged,
confidential, or otherwise protected from disclosure. The information is
intended to be for the addressee(s) only. If you are not an addressee, any
disclosure, copy, distribution, or use of the contents of this message is
strictly prohibited. If you have received this electronic message in error
please notify the sender by reply e-mail to and destroy the original message
and all copies. Cybage has taken every reasonable precaution to minimize the
risk of malicious content in the mail, but is not liable for any damage you
may sustain as a result of any malicious content in this e-mail. You should
carry out your own malicious content checks before opening the e-mail or
attachment."  <http://www.cybage.com> www.cybage.com

------------------------------------------------------------------------------
Want fast and easy access to all the code in your enterprise? Index and
search up to 200,000 lines of code with a free copy of Black Duck
Code Sight - the same software that powers the world's largest code
search on Ohloh, the Black Duck Open Hub! Try it now.
http://p.sf.net/sfu/bds

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Error 422 when fetching https://www.snort.org/reg-rules/opensource.gz.md5 Anshuman Anil Deshmukh (Jul 18)
- Re: Error 422 when fetching https://www.snort.org/reg-rules/opensource.gz.md5 Joel Esler (jesler) (Jul 18)
- Re: Error 422 when fetching https://www.snort.org/reg-rules/opensource.gz.md5 Michael Steele (Jul 18)
  - Re: Error 422 when fetching https://www.snort.org/reg-rules/opensource.gz.md5 Joel Esler (jesler) (Jul 18)
    - Re: Error 422 when fetching https://www.snort.org/reg-rules/opensource.gz.md5 waldo kitty (Jul 18)
    - Re: Error 422 when fetching https://www.snort.org/reg-rules/opensource.gz.md5 Joel Esler (jesler) (Jul 18)
- Re: Error 422 when fetching https://www.snort.org/reg-rules/opensource.gz.md5 Joel Esler (jesler) (Jul 18)
  - Re: Error 422 when fetching https://www.snort.org/reg-rules/opensource.gz.md5 Andre DiMino (Jul 22)
    - Re: Error 422 when fetching https://www.snort.org/reg-rules/opensource.gz.md5 Joel Esler (jesler) (Jul 22)
    - Re: Error 422 when fetching https://www.snort.org/reg-rules/opensource.gz.md5 Andre DiMino (Jul 22)