Re: Fwd: Re: Snort IP blacklist issue (Pulledprok)

["Nicolas Lepolard" <Nicolas.Lepolard () ejco com>]

Hi guys,

Thank you for your reply and sorry for the response time, I am apprentice 
so I'm not always at my company.

I have tested today Shirkdog your command and I have realized what was 
wrong with the verbose mode !

In fact, it was my proxy blocking some HTTP requests, but it works now!

Thank you for your support guys.

My pig is flying now! : D

Nicolas




De :    Shirkdog <shirkdog () gmail com>
A :     Waldo Kitty <wkitty42 () windstream net>
Cc :    snort-users mailinglist <snort-users () lists sourceforge net>
Date :  05/02/2016 18:06
Objet : Re: [Snort-users] Fwd: Re: Snort IP blacklist issue (Pulledprok)



Also, run it with -vvv and make sure to blank out your oinkcode when 
posting the output.
Verbose mode might provide the detail of where it is failing.
On Feb 5, 2016 11:02 AM, <wkitty42 () windstream net> wrote:
On 02/05/2016 03:19 AM, Nicolas Lepolard wrote:
> Ok guys, thank you for your reply.
>
> I have changed the directory "/opt/snort/tmp" in "/tmp" but I still have 
the
>  same issue ... As I have mentioned, it doesn't work with "/tmp".
>
> I don't know what i can do now...

so what is the output when you run pulledprok[sic] now?? ;)

--
  NOTE: No off-list assistance is given without prior approval.
        *Please keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.

------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort 
news!
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort 
news!


------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!