shirkdog/pulledpork

An error occurred: ERROR: /etc/snort//etc/snort/rules/app-detect.rules(0) Unable to open rules file "/etc/snort//etc/snort/rules/app-detect.rules": No such file or directory.

dd188s opened this issue · 1 comments

dd188s commented

Checking latest MD5 for snortrules-snapshot-29180.tar.gz....
Rules tarball download of snortrules-snapshot-29180.tar.gz....
They Match
Done!
IP Blocklist download of https://snort.org/downloads/ip-block-list....
Reading IP List...
Prepping rules from snortrules-snapshot-29180.tar.gz for work....
Done!
Reading rules...
Generating Stub Rules....
An error occurred: ERROR: /etc/snort//etc/snort/rules/app-detect.rules(0) Unable to open rules file "/etc/snort//etc/snort/rules/app-detect.rules": No such file or directory.

An error occurred: Fatal Error, Quitting..

Done

Reading rules...
Reading rules...
Writing Blocklist File /etc/snort/rules/iplists/default.blocklist....
Writing Blocklist Version 858862388 to /etc/snort/rules/iplists/IPRVersion.dat....
Modifying Sids....
Done!
Processing /etc/snort/enablesid.conf....
Modified 0 rules
Skipped 0 rules (already disabled)
Done
Processing /etc/snort/dropsid.conf....
Modified 0 rules
Skipped 0 rules (already disabled)
Done
Processing /etc/snort/disablesid.conf....
Modified 0 rules
Skipped 0 rules (already disabled)
Done
Setting Flowbit State....
Done
Writing /etc/snort/rules/snort.rules....
Done
Generating sid-msg.map....
Done
Writing v1 /etc/snort/sid-msg.map....
Done
Writing /var/log/sid_changes.log....
Done
Rule Stats...
New:-------42585
Deleted:---0
Enabled Rules:----10120
Dropped Rules:----0
Disabled Rules:---32465
Total Rules:------42585
IP Blocklist Stats...
Total IPs:-----1187

Done
Please review /var/log/sid_changes.log for additional details
Fly Piggy Fly!

lightarrow commented

Some variables are causing you to have duplicate paths.
Set them to relative paths only.
check lines 104 105 and 106 in your /etc/snort/snort.conf
They should look like this.
var RULE_PATH rules
var SO_RULE_PATH so_rules
var PREPROC_RULE_PATH preproc_rules