search

shirkdog / pulledpork

Pulled Pork for Snort and Suricata rule management (from Google code)
GNU General Public License v2.0
417 stars 134 forks source link

Invalid header block at offset unknown at /usr/local/bin/pulledpork.pl line 269 #322

Closed sfscott closed 3 years ago

sfscott commented 5 years ago

I'm running pulled pork on CentOS 7. When I run pulled pork I get the above error during execution. I've checked the pulledpork.pl file and I don't have a line 299. The file ends around 220.

UPDATE: This seems to occur during processing of opensource.gz. After commenting out that line in the conf file, the error went away. Is the documentation needed for pulled pork to process correctly?

Thanks for the assist!

Scott

Output below:

[root@localhost pulledpork-master]# perl pulledpork.pl -c /root/Downloads/pulledpork-master/etc/pulledpork.conf

https://github.com/shirkdog/pulledpork
  _____ ____
 `----,\    )
  `--==\\  /    PulledPork v0.7.4 - Helping you protect your bitcoin wallet!
   `--==\\/
 .-~~~~-.Y|\\_  Copyright (C) 2009-2017 JJ Cummings, Michael Shirk

@/ / 66_ and the PulledPork Team! | \ \ (") \ /-| ||'--' Rules give me wings! _\ _\



Checking latest MD5 for snortrules-snapshot-29120.tar.gz....
    They Match
    Done!
Checking latest MD5 for snortrules-snapshot-29120.tar.gz....
    They Match
    Done!
IP Blacklist download of https://talosintelligence.com/documents/ip-blacklist....
Reading IP List...
Rules tarball download of opensource.gz....
Prepping rules from opensource.gz for work....
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
Invalid header block at offset unknown at pulledpork.pl line 299.
    Done!
Prepping rules from snortrules-snapshot-29120.tar.gz for work....
    Done!
Reading rules...
Generating Stub Rules....
Something failed in the gen_stubs sub, please verify your shared object config!
    Done
Reading rules...
Reading rules...
Blacklist version is unchanged, not updating!
Activating balanced rulesets....
    Done
Setting Flowbit State....
    Enabled 411 flowbits
    Done
Writing /root/new_rules....
    Done
Generating sid-msg.map....
    Done
Writing v1 /usr/local/etc/snort/sid-msg.map....
    Done
Writing /var/log/sid_changes.log....
    Done
Rule Stats...
    New:-------0
    Deleted:---0
    Enabled Rules:----10154
    Dropped Rules:----0
    Disabled Rules:---24792
    Total Rules:------34946
No IP Blacklist Changes

Done
Please review /var/log/sid_changes.log for additional details
Fly Piggy Fly!
shirkdog commented 5 years ago

@finchy Is this an issue as discussed on the mailing list with the revamping of the documentation?

shirkdog commented 3 years ago

This issue is OBE, opensource.gz has been removed.