chrisdevette / pulledpork

Automatically exported from code.google.com/p/pulledpork
GNU General Public License v2.0
0 stars 0 forks source link

Create a complete sid-msg.map with all rules involved #76

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?

Configure pulledpork.conf with disablesid.conf group rules and launch 
pulledpork.pl to create rules files and generate sid-msg.map.

What is the expected output? What do you see instead?

I would like to have a complete sid-msg.map with all rules involved (VRT, ET 
and local), including group rules defined under disablesid.conf

What version of the product are you using? On what operating system?

Pulledpork 0.6.1 under RHEL6.

Please provide any additional information below.

Original issue reported on code.google.com by carlopm...@gmail.com on 4 May 2011 at 6:23

GoogleCodeExporter commented 9 years ago
What rules are missing from the sid-msg.map at this time?

Original comment by Cummin...@gmail.com on 4 May 2011 at 6:33

GoogleCodeExporter commented 9 years ago
All group rules that I have configured under disablesid.conf

Original comment by carlopm...@gmail.com on 4 May 2011 at 6:38

GoogleCodeExporter commented 9 years ago
I am not able to reproduce this issue, a quick review of the code shows that 
all rules are included in the sid-msg.map and a test of disabling both an ET 
and VRT category in disablesid.conf shows that the data is still placed in the 
sid-msg.map.  Please verify that you have not set these categories to "ignore" 
in the master pulledpork.conf

Original comment by Cummin...@gmail.com on 7 Jun 2011 at 3:43