Snort mailing list archives
Pulled Pork 0.7.2 Policies not working
From: "Michael Steele" <michaels () winsnort com>
Date: Sun, 22 Jan 2017 18:42:24 -0500
Darn, I no sooner sent this out and remembered that I activated all the rules so the policies wouldn't process no matter what they were set too.. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= I'm testing Pulled Pork on a slave sensor using -nPT to bypass the signature file. I've tried setting the policy using Balanced and Security. When the balanced policy is ran the output says it Modified 19004 rules. However the stats at the end never changes. It fails to update the .rules file with the changes. After running each of the policies I save the .rules file from each run, and they are identical. Attached is the output from each run. I'm not seeing anything. Maybe this is a problem others are having but not noticing? -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Thanks.
Attachment:
Security.txt
Description:
Attachment:
Balanced.txt
Description:
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Pulled Pork 0.7.2 Policies not working Michael Steele (Jan 22)
- Re: Pulled Pork 0.7.2 Policies not working Joel Esler (jesler) (Jan 23)
- <Possible follow-ups>
- Pulled Pork 0.7.2 Policies not working Michael Steele (Jan 22)