Closed vrtadmin closed 3 years ago
Any status on this?
It should work with the older snortrules-snapshot structure, AFAIK. PulledPork doesn't yet handle the light speed package.
Ok cool...might have to just grep/sed/awk my way to freedom until this pans out :)
This does not appear to be the case:
Checking latest MD5 for snortrules-snapshot-3140.tar.gz....
Error downloading https://www.snort.org/rules/snortrules-snapshot-3140.tar.gz.md5?oinkcode=<snip>: 422 Unprocessable Entity [ 422 ]
Creating a new rule package each snort 3 release will become unsustainable really fast. PulledPork 3 that supports LSP needs to be where we go. 3140, in the meantime, will be posted tomorrow.
Closing this, as this work has shifted to pulledpork3
Since Snort 3's ruleset is different in structure, there is going to be a lot to look at in pulledpork to ensure compatibility to handle the different functions of pulledpork. (Drop enablement, policy usage, suppression, commenting rules out, ignoring rules, etc.)