shirkdog / pulledpork

Pulled Pork for Snort and Suricata rule management (from Google code)
GNU General Public License v2.0
417 stars 134 forks source link

422 Unprocessable Entity [ 422 ] #319

Closed Azaretdodo closed 3 years ago

Azaretdodo commented 5 years ago

Hello,

I have this error when I run this command line:

./pulledpork.pl -c pulledpork.conf -i disablesid.conf -T -H

Option H requires an argument

Checking latest MD5 for snortrules-snapshot-29120.tar.gz.... Error downloading https://www.snort.org/rules/snortrules-snapshot-29120.tar.gz.md5?oinkcode="my oinkcode": 422 Unprocessable Entity [ 422 ]

Thank you in advance for helping me repair this error

Regards.

Dorian ROSSE.

shirkdog commented 5 years ago

Check to see if rule URL for 29111 works, if so, might have to check with Talos folks, sometimes the md5 is not available on the site.

Azaretdodo commented 5 years ago

I have the same error with 29111 as well. How do I ask Talos to repair this problem?

Thank you in advance for answering my question,

Regards.

Dorian ROSSE.



shirkdog commented 5 years ago

This works for me, so there may be an issue with your oinkcode. Also you will not be able to use 2.9.12.0 signatures until the 30 day window has expired if you are only a registered user.

Azaretdodo commented 5 years ago

Are you saying that if I wait 30 days I will be able to use my oinkcode with pulledpork?

How can I check whether these rules will work in pulledpork in 30 days?

Thank you in advance for enlightening me,

Regards.

Dorian ROSSE.



finchy commented 5 years ago

You haven't needed to "wait 30 days" in about 5 years.

29120 works fine and 29111 works fine. Not sure what the issue is.

422 means you are either requesting a file that doesn't exist or your oinkcode is wrong. Are you replacing "my oinkcode" in the URL with your actual oinkcode?

Azaretdodo commented 5 years ago

Yes, I put in the oinkcode from my snort account!

But why doesn't that work for me ☹?

Thank you in advance for helping me,

Regards.

Dorian ROSSE.



Azaretdodo commented 5 years ago

This is the line I modified in the pulledpork.conf file:

rule_url=https://www.snort.org/reg-rules/|snortrules-snapshot-29111.tar.gz|(here my oinkcode)

Did I modify my pulledpork.conf file incorrectly?

Thank you in advance for enlightening me,

Regards.

Dorian ROSSE.



finchy commented 5 years ago

I just looked at the logs for snort.org and I see a successful download for 29120 with your oinkcode yesterday at 16:44 GMT.

finchy commented 5 years ago

I also don't see any further attempts since.

Azaretdodo commented 5 years ago

Joel, please can you tell me whether the line I modified in pulledpork.conf is good?

rule_url=https://www.snort.org/reg-rules/|snortrules-snapshot-29111.tar.gz|(here my oinkcode)

I tried with snort 29111 and 29120 but all failed… ☹

Thank you in advance for enlightening me,

Regards.

Dorian ROSSE.



finchy commented 5 years ago

Should look something like this:

rule_url=https://www.snort.org/reg-rules/|snortrules-snapshot.tar.gz|<oinkcode>

Are you failing an SSL negotiation? How about running pulledpork with -vvv as an argument and giving us the output?

Azaretdodo commented 5 years ago

I went to try, as you can read:

root@bitfenix-server:/pulledpork# pulledpork -vvv
pulledpork: command not found
root@bitfenix-server:/pulledpork# ./pulledpork -vvv
-bash: ./pulledpork: No such file or directory
root@bitfenix-server:/pulledpork# .\pulledpork -vvv
.pulledpork: command not found

What are you trying to tell me?

To run the following command with your -vvv option?:

./pulledpork.pl -c pulledpork.conf -i disablesid.conf -T -H

Thank you in advance for helping me,

Regards.

Dorian ROSSE.


finchy commented 5 years ago

root@bitfenix-server:/pulledpork# pulledpork -vvv
pulledpork: command not found
root@bitfenix-server:/pulledpork# ./pulledpork -vvv
-bash: ./pulledpork: No such file or directory
root@bitfenix-server:/pulledpork# .\pulledpork -vvv
.pulledpork: command not found

This tells me that you're running it wrong, or it's not executable.

Azaretdodo commented 5 years ago

I need to put pulledpork on the system again,

A lot of time has gone by,

Regards.

Dorian Rosse.



Azaretdodo commented 5 years ago

I put all the files from pulledpork in the pulledpork folder, then I launched this command line:

./pulledpork.pl -o /usr/local/etc/snort/rules/ -O 'my_oinkcode’ -c pulledpork.conf -D ubuntu-18-04 -u https://www.snort.org/rules/snortrules-snapshot-29120.tar.gz -i disablesid.conf -T -H

The shell answered this:

You need to define an oinkcode, please review the rule_url section of the pulledpork config file! at ./pulledpork.pl line 2101.

The nano program doesn't want to work with ctrl + underscore, and I don't know how to put the oinkcode where it is asked for ☹,

Thank you in advance for helping me put the oinkcode where it is asked for,

Regards.

Dorian ROSSE.



Asky-M commented 3 years ago

I think this error is because the md5 does not match or is not found. Today I was trying to use snortrules-snapshot-3000.tar.gz and I found the same error. When I checked the sums on https://www.snort.org/downloads/registered/md5s, there was no md5 hash for the file snortrules-snapshot-3000.tar.gz, so I changed the snort version to snortrules-snapshot-2983.tar.gz. After that I ran the command pulledpork.pl -c /usr/local/etc/snort/pulledpork.conf again and that solved it for me.

Sorry for my English.

shirkdog commented 3 years ago

Closing this issue, preparing to tag 0.7.4 so verify if the latest version works for you.

frpr00 commented 2 years ago

Hi everybody. I have the same problem. Tell me the solution, please. (Version of my snort 3.1.17, pulledpork - 0.8.0)

finchy commented 2 years ago

422 means the file you are attempting to doesn’t exist.

frpr00 commented 2 years ago

I understand this, it checks everything according to the latest MD5 31170, it is not in MD5. But I don't understand what to do with it. I even updated everything, so why is it looking for something that isn't there?

This is my line 19: rule_url=https://www.snort.org/rules/|snortrules-snapshot.tar.gz|, with my oinkcode

frpr00 commented 2 years ago

Sorry for the Russian

guobiao-cn commented 2 years ago

  1. This may be because the snort official did not upload the MD5 in time, resulting in the absence of the inspection file;

  2. The Asky-M method is very direct and effective, browse https://www.snort.org/downloads/registered/md5s to find the latest compressed package, such as snortrules-snapshot-31210.tar.gz

  3. Modify rule_url=https://www.snort.org/rules/|snortrules-snapshot-31210.tar.gz|oinkcode in the configuration file

The above method is still valid in PulledPork v0.8.0 and Snort++ 3.1.25.0. @frpr00 @Asky-M Thanks for your
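
The check described in this comment (find a snapshot that is listed on the md5s page, then pin it in rule_url), combined with the placeholder-oinkcode mistake raised earlier in the thread, as an added shell example that is not part of the thread or of PulledPork. `check_rule_url` is a hypothetical helper, the list of known tarballs is passed in by hand, and the alphanumeric-oinkcode test is an assumption of this example.

```shell
# Preflight check for one pulledpork.conf rule_url line (added example).
# Layout taken from the thread: rule_url=<base>|<file>|<oinkcode>
# Usage: check_rule_url LINE [KNOWN_FILE ...]
#   KNOWN_FILE values are tarball names copied by hand from
#   https://www.snort.org/downloads/registered/md5s
# Prints one finding per line; returns 0 when nothing was flagged.
check_rule_url() {
  line=$1; shift; rc=0
  case $line in
    rule_url=*) value=${line#rule_url=} ;;
    *) echo "not a rule_url line"; return 1 ;;
  esac
  # Exactly two '|' separators are expected.
  seps=$(printf '%s' "$value" | tr -cd '|' | wc -c | tr -d ' ')
  if [ "$seps" -ne 2 ]; then
    echo "expected base|file|oinkcode, found $seps separator(s)"; return 1
  fi
  base=${value%%|*}; rest=${value#*|}
  file=${rest%%|*}; code=${rest#*|}
  # The oinkcode travels as a URL parameter, so plain http would expose it.
  case $base in
    https://*) ;;
    *) echo "base URL is not https: $base"; rc=1 ;;
  esac
  # Heuristic (assumption): a real oinkcode is a plain alphanumeric token,
  # so brackets, spaces or the word itself mean it was never filled in.
  case $code in
    '') echo "oinkcode field is empty"; rc=1 ;;
    *[!A-Za-z0-9]*|*[Oo]inkcode*) echo "oinkcode looks like a placeholder"; rc=1 ;;
  esac
  case $file in
    snortrules-snapshot.tar.gz)
      echo "note: unpinned snapshot, version is chosen at run time" ;;
    snortrules-snapshot-*.tar.gz)
      found=0
      for k in "$@"; do
        if [ "$k" = "$file" ]; then found=1; fi
      done
      if [ $# -gt 0 ] && [ "$found" -eq 0 ]; then
        echo "$file is not in the supplied md5s list (expect HTTP 422)"; rc=1
      fi ;;
  esac
  return $rc
}

# Constructed sample: the line quoted earlier in the thread.
check_rule_url 'rule_url=https://www.snort.org/reg-rules/|snortrules-snapshot-29111.tar.gz|(here my oinkcode)' \
  snortrules-snapshot-29111.tar.gz || true
```

Because the oinkcode is a credential, run this against the config file locally and redact the third field before pasting a rule_url line into an issue.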

finchy commented 2 years ago

Md5 is created on upload, so 1 isn't possible.

Azaretdodo commented 2 years ago

Hello cat and Joel,

I don't find this problem on the fork pulledpork thus I don't find if I was happening error 422 or error one,

Thank you in advance for your time,

Regards.

Azaretdodo.



finchy commented 2 years ago

422 has nothing to do with pulledpork. 422 is an error code from the website that says you’re requesting a version of the Snort ruleset that doesn’t exist.


Azaretdodo commented 2 years ago

Ok, thank you Joel,

Have a nice evening from France, it is twenty-two to eleven at night here,

Regards.

Azaretdodo.

