Re: PulledPork puts empty snort.rules file in rules dir

[JJC <cummingsj () gmail com>]

What does -vv produce when running pulled pork?

Sent from my iPad

On Nov 22, 2011, at 15:36, codeforfun <codeforfun () gawab com> wrote:

> I am using PulledPork 0.6.1 on Windows XP to update my snort rules.
>
> I have managed to get PulledPork to download the rules to a tmp dir on 
> my local computer ("snortrules-snapshot-2900.tar.gz"). With the file 
> size of 27,091KB
>
> But when it comes to updating the c:\snort\rules dir, it only seems to 
> place one empty file into this dir, the file is called "snort.rules" 
> file size 0KB.
>
> Could someone please point me in the right direction to how i can solve 
> this issue?
>
> You can read my pulledpork.conf file here: http://ctrlv.it/id/MjcwNDk1
> This is the command i am using to run PulledPork = "pulledpork.pl -c 
> ./etc/pulledpork.conf -v"
>
> I have been working on this for around 3days now. I have also read the 
> pulledpork "README" file and the "snort\doc\README.*" files. But i 
> really need some more help.
>
>
> The output from PulledPork looks like this:
>
> Setting Flowbit State....
>         Done
> Writing C:\snort\rules\snort.rules....
>         Done
> Generating sid-msg.map....
>         Done
> Writing C:\snort\sid-msg.map....
>         Done
> Writing C:\snort\sid_changes.log....
>         Done
> Rule Stats....
>         New:-------0
>         Deleted:---0
>         Enabled Rules:----0
>         Dropped Rules:----0
>         Disabled Rules:---0
>         Total Rules:------0
>         Done
> Please review C:\snort\sid_changes.log for additional details
> Fly Piggy Fly!
>
>
>
> CodeForFun
>
> ------------------------------------------------------------------------------
> All the data continuously generated in your IT infrastructure 
> contains a definitive record of customers, application performance, 
> security threats, fraudulent activity, and more. Splunk takes this 
> data and makes sense of it. IT sense. And common sense.
> http://p.sf.net/sfu/splunk-novd2d
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>
> Please visit http://blog.snort.org to stay current on all the latest Snort news!

------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure 
contains a definitive record of customers, application performance, 
security threats, fraudulent activity, and more. Splunk takes this 
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!