Re: New Snort breaks pulled pork

[Y M via Snort-users <snort-users () lists snort org>]

Actually it should be -nP and not only -n :)

YM

________________________________
From: Snort-users <snort-users-bounces () lists snort org> on behalf of Y M via Snort-users <snort-users () lists snort 
org>
Sent: Friday, October 13, 2017 1:45:54 AM
To: jlay () slave-tothe-box net
Cc: Snort
Subject: Re: [Snort-users] New Snort breaks pulled pork

James, if you explicitly set snort_version to 2.9.11.0 in the PulledPork conf file (near the end of the file) it's 
works fine. However, if you do so and also pull ET's then PulledPork won't work with ET either, but that's not 
PulledPork's issue. ET website does not yet include a rules directory for the newer version of Snort.

You can always download the rules tarballs manually to /tmp along with the .md5 files and pass -n to your PulledPork 
command at least until a permanent fix is in place.

Hope this helps.
YM.


_____________________________
From: James Lay <jlay () slave-tothe-box net<mailto:jlay () slave-tothe-box net>>
Sent: Friday, October 13, 2017 1:08 AM
Subject: [Snort-users] New Snort breaks pulled pork
To: Snort <snort-users () lists snort org<mailto:snort-users () lists snort org>>


FYI:

https://github.com/shirkdog/pulledpork/issues/282

James
_______________________________________________
Snort-users mailing list
Snort-users () lists snort org<mailto:Snort-users () lists snort org>
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!


_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!