Hi everyone
thank for your PP :-)
I am using pulledpork with VRT edge rulepack, follow a description from
Sourcefire (hxxp://www.snort.org/snort-rules/cli (bottom) ):
Edge Rulepack
You can now stay on the cutting edge of rulepacks by setting <filename>, in any
of the above recipes, equal to snortrules-snapshot-edge.tar.gz
This will pull down the latest versioned rulepack that you are privileged to
have! e.g. if 2912, 2930 and 2931 are available, it will access 2931.
This rulepack is named snortrules-snapshot-edge.tar.gz
To use that I simple modify PP (svn version):
$ diff /usr/local/bin/pulledpork.pl src/pulledpork-read-only/pulledpork.pl
1813c1813
< unless ( $rule_file =~ /snortrules-snapshot-\w+\.tar\.gz/
---
> unless ( $rule_file =~ /snortrules-snapshot-\d{4}\.tar\.gz/
1822c1822
< $rule_file = "snortrules-snapshot-$Snortv.tar.gz" unless
$rule_file =~ /snortrules-snapshot-edge\.tar\.gz/;
---
> $rule_file = "snortrules-snapshot-$Snortv.tar.gz";
Perl isn't my favorite script language ;-), sorry
Is it possible include this in a next release?
Thank you in advance
See you
Simone
Original issue reported on code.google.com by pascal.c...@gmail.com on 31 Jan 2014 at 11:31
Original issue reported on code.google.com by
pascal.c...@gmail.comon 31 Jan 2014 at 11:31