Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort OpenAppID RULES - Server returned error code 0

    Scheduled Pinned Locked Moved IDS/IPS
    4 Posts 2 Posters 592 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      EWBtCiaST
      last edited by

      I've been unable to download the OpenAppID RULES for about 6 weeks due to the following error code - Server returned error code 0. All of the other rules update every day.

      I've also deleted the Snort package and re-installed it and restored pfSense to a versus where Snort had previously updated all rules.

      1 Reply Last reply Reply Quote 0
      • bmeeksB
        bmeeks
        last edited by

        @EWBtCiaST:

        I've been unable to download the OpenAppID RULES for about 6 weeks due to the following error code - Server returned error code 0. All of the other rules update every day.

        I've also deleted the Snort package and re-installed it and restored pfSense to a versus where Snort had previously updated all rules.

        Read the warning notice on the screen where you select the download of the OpenAppID rules.  They are currently maintained by a volunteer contributor and are hosted on a University web site in Brazil.  That University uses geo-blocking software to protect their web assets.  Thus some countries and IP blocks will find themselves blocked by that system.

        That may well be the case for you.  I hear some work is going going to maybe get these volunteer rules hosted elsewhere.  If that happens, the geo-blocking issue should go away.

        Bill

        1 Reply Last reply Reply Quote 0
        • E
          EWBtCiaST
          last edited by

          Bill,

          Thanks for the reply. I don't think that's the problem as I'm in the U.S. and I was just able to download the rules using a test virtual machine with the same public IP as the one that doesn't work.

          1 Reply Last reply Reply Quote 0
          • bmeeksB
            bmeeks
            last edited by

            @EWBtCiaST:

            Bill,

            Thanks for the reply. I don't think that's the problem as I'm in the U.S. and I was just able to download the rules using a test virtual machine with the same public IP as the one that doesn't work.

            Are you running any other blocking packages?  pfBlockerNG, for example.  Some of the IP lists there have blocked access to rules downloads for folks using them.  Do you have a proxy of some sort in use?

            The download process is just a simple call to the curl() functions in PHP with the rules URL.  The exact same code is used for all the rules downloads, so if one works that means the underlying code is good.  Otherwise, no downloads would work.

            Bill

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.