Snort mailing list archives

Pulled Pork 403 Error

From: Brandon Phelps <bphelps () gls com>
Date: Wed, 25 Jul 2012 16:07:15 -0400

Greetings,

I am attempting to configure pulled pork using the subscriber rules and am getting a 403 error, informing me to wait 15 
minutes and try again.  I've
waited and waited and the issue persists.  When I get the error via pulled pork I can still access the tar.gz file fine 
from the website.  Has anyone
seen this problem before and know if I am doing something wrong?

Below are my rule_url lines as well as the actual pulled pork output.  If I run pulled pork with the -n option it 
correctly uses a copy of the rules I
already downloaded from /tmp.  Any help would be appreciated!

rule_url=https://www.snort.org/sub-rules/|snortrules-snapshot.tar.gz|a...e
rule_url=https://www.snort.org/sub-rules/|opensource.gz|a...e

$ sudo /opt/pulledpork-0.6.1/pulledpork.pl -c /opt/pulledpork-0.6.1/etc/pulledpork.conf

    http://code.google.com/p/pulledpork/
      _____ ____
     `----,\    )
      `--==\\  /    PulledPork v0.6.1 the Smoking Pig <////~
       `--==\\/
     .-~~~~-.Y|\\_  Copyright (C) 2009-2011 JJ Cummings
  @_/        /  66\_  cummingsj () gmail com
    |    \   \   _(")
     \   /-| ||'--'  Rules give me wings!
      \_\  \_\\
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Checking latest MD5 for snortrules-snapshot-2930.tar.gz....
        A 403 error occurred, please wait for the 15 minute timeout
        to expire before trying again or specify the -n runtime switch
        You may also wish to verfiy your oinkcode, tarball name, and other configuration options
        Error 403 when fetching https://www.snort.org/sub-rules/snortrules-snapshot-2930.tar.gz.md5 at 
/opt/pulledpork-0.6.1/pulledpork.pl line 453
        main::md5file('a...e', 'snortrules-snapshot-2930.tar.gz', '/tmp/', 'https://www.snort.org/sub-rules/&apos;) called 
at /opt/pulledpork-0.6.1/pulledpork.pl
line 1758


Thanks,
Brandon

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Pulled Pork 403 Error Brandon Phelps (Jul 25)
- Re: Pulled Pork 403 Error Brandon Phelps (Jul 25)
  - Re: Pulled Pork 403 Error Joel Esler (Jul 25)