Autosnort icon indicating copy to clipboard operation
Autosnort copied to clipboard
verified publisher icon da667

OINKCODE not defined

Open t-0-m-1-3 opened this issue 6 years ago • 1 comments

I'm having an issue installing snort; I tried popping my oinkcode into the perl file itself and it didn't work either. I was also switching between commenting out line #441 like in #65 while i was troubleshooting that;

        IPRVersion = /opt/snort/rules/iplists
** GET https://www.snort.org/rules/snortrules-snapshot-29130.tar.gz.md5?oinkcode=`o_code_from_file` ==> -^H200
OK
** GET https://snort.org/downloads/community/opensource.gz.md5 ==> -^H200 OK                                                        
** GET https://snort.org/downloads/community/community-rules.tar.gz.md5 ==> -^H200 OK                                               
You need to define an oinkcode, please review the rule_url section of the pulledpork config file!                                   
 at pulledpork.pl line 2101.
MISC (CLI and Autovar) Variable Debug:
        Process flag specified!

t-0-m-1-3 avatar May 31 '19 02:05 t-0-m-1-3

I commented out line #441 after copying the data into my blacklist file.

[*] Generating pulledpork.conf.
[*] Attempting to download rules for snort-2.9.13.0..
[*] If this hangs, please make sure you set the HTTP_PROXY, http_proxy, HTTPS_PROXY, and https_proxy variables as required!         
[*] Rules processed successfully. Rules located in /opt/snort/rules.                                                                
[*] Pulledpork is located in /usr/src/pulledpork.
[*] By default, Autosnort runs Pulledpork with the Security over Connectivity ruleset.                                              
[*] If you want to change how pulled pork operates and/or what rules get enabled/disabled, Check out the /usr/src/pulledpork/etc directory, and the .conf files contained therein.
[*] Moving other snort configuration files..
[*] Backup up crontab to /etc/crontab_bkup..
[*] crontab backup successfully completed.
[*] Adding entry to /etc/crontab to run pulledpork Sunday at midnight (once weekly)..                                               
[*] crontab has been modified. If you want to modify when pulled pork runs to check rule updates, modify /etc/crontab.              
[*] Disabling offloading options on the sniffing interfaces..
[*] Found snortd init script.
[*] Init Script installation successfully completed.
[*] Init script located in /etc/init.d/snortd
[*] Rebooting now..
Connection to 172.16.1.4 closed by remote host.
Connection to 172.16.1.4 closed.

t-0-m-1-3 avatar May 31 '19 05:05 t-0-m-1-3