Re: More problems with pulledpork 0.6.0

[JJC <cummingsj () gmail com>]

Ok, I see the problem... PP has no way of knowing that the rules you are
putting on your custom-url-server are ET rules (it determines if it's VRT or
ET based on the source url), thus the other errors (in your bug) that you
are reporting and the behavior that you see.  If you remove the ET- from
your dropsid and disablesid config.  I will be publishing a bugfix today for
that (0.6.1) that will fix both issues, but require you to use
Custom-<category> when retrieving from a purely custom url, such as you are
doing.

JJC

On Fri, Apr 1, 2011 at 9:03 AM, JJC <cummingsj () gmail com> wrote:

> Please also comment out the modifysid.conf line also... more info to come
>
> JJC
>
>
> On Fri, Apr 1, 2011 at 9:03 AM, carlopmart <carlopmart () gmail com> wrote:
>
> > On 04/01/2011 04:59 PM, JJC wrote:
> >
> > > I"ll have to dig into this more, a few quick notes though..
> > >
> > >    * Are you actually using the modifysid?
> > >    * Suricata does NOT have SO rules, so you don't need to define the
> > >      path to the suricata.yaml file
> > >
> > > I'll have to setup a local rules copy and try to mimic what you are
> > > doing.. will take just a bit.
> > >
> > > JJC
> > Ok, I have disabled config_path variable. I don't use modifysid option ...
> >
> > Thanks JJC.
> >
> >
> > --
> > CL Martinez
> > carlopmart {at} gmail {d0t} com
------------------------------------------------------------------------------
Create and publish websites with WebMatrix
Use the most popular FREE web apps or write code yourself; 
WebMatrix provides all the features you need to develop and 
publish your website. http://p.sf.net/sfu/ms-webmatrix-sf

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users