Rooted Your {0x2E} Com

Has there been an update to this issue? modifysid workaround yet? Thanks

Is this issue still occurring, I can't reproduce

Status: Invalid

Will add to warn output for stdout and syslog, possibly changelog
Status: Accepted

Fix Committed Rev #237
Status: Fixed

Changed Paths:
    Modify    /trunk/doc/README.CHANGES
    Modify    /trunk/etc/disablesid.conf
    Modify    /trunk/etc/dropsid.conf
    Modify    /trunk/etc/enablesid.conf
    Modify    /trunk/pulledpork.pl

Fix for Bug #96

Going to set to allow trailing comments only.. i.e. no comments in-between entries on a single line.

Good catch, I'll mark this as closed, if you want to file a DOC bug, feel free but I will be changing that wording now. Specifying that variable will work as you would expect, not as it is noted.. stubs WILL still be generated... Committed Fix Rev #236
Status: Fixed

Changed Paths:
    Modify    /trunk/doc/README.CHANGES
    Modify    /trunk/etc/pulledpork.conf

Fix for Bug #99

Fixed, Rev #235
Status: Fixed

Changed Paths:
    Modify    /trunk/doc/README.CHANGES
    Modify    /trunk/pulledpork.pl

Fix for Bug #102

I did not set snort_version in pulledpork.conf because the instructions say it will disable .so rules, which would defeat the whole purpose of this bug report...

Closing this, I am unable to reproduce.... Checking latest MD5 for emerging.rules.tar.gz.... Fetching md5sum for: emerging.rules.tar.gz.md5 ** GET http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz.md5 ==> 200 OK most recent rules file digest: 63687b9f2911f077948d9f08658aabbe Rules tarball download of emerging.rules.tar.gz.... Fetching rules file: emerging.rules.tar.gz ** GET http://rules.emergingthreats.net/open/snort-2.9.0/emerging.rules.tar.gz ==> 200 OK (2s) storing file at: /tmp/emerging.rules.tar.gz current local rules file digest: 63687b9f2911f077948d9f08658aabbe The MD5 for emerging.rules.tar.gz matched 63687b9f2911f077948d9f08658aabbe so I'm not gonna download the rules file again suckas! Prepping rules from emerging.rules.tar.gz for work.... extracting contents of /tmp/emerging.rules.tar.gz...
Status: Invalid

Bug Scrub Bump

Labels: -Priority-Medium Priority-High

Issue 104 has been merged into this issue.

This appears to be related to 101 and the "keep" flag being set. Marking as a dupe of that and elevating status
Status: Duplicate
Labels: -Priority-Medium Priority-High
Mergedinto: 101

I verified this with the keep option specified
Status: Accepted

What steps will reproduce the problem? 1. Execute sudo pulledpork.pl -vv -c /etc/pulledpork/pulledpork.conf -i disablesid.conf -b dropsid.conf -e enablesid.conf -m /etc/snort/sid-msg.map -h /var/log/sid_changes.log -I security -H -K /etc/snort/rules/ What is the expected output? What do you see instead? The expected output would not have "Use of uninitialized value in concatenation (.) or string at /usr/local/bin/pulledpork.pl line 257." What version of the product are you using? On what operating system? 0.6.1 on Mac OS X v10.4.11 Please provide any additional information below. Output of command from step 1 attached as output.txt. Is this related to issue 75 or issue 85?

Damn mistype: "It gets me the latest snapshot for my release, I thought." Should have been It gets me the latest snapshot that I am entitled to. But you got that. I'm using the 2.9.1.2 rules from snortrules-snapshot-2912.tar.gz with Snort 2.9.2 and I thought it worked just fine. But you are saying if I used rules created for 2.9.2 with 2.9.1.2 it with would break 2.9.1.2 That is handy to know if I'm having a crappy morning with snort someday. Thanks.