• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Snort OpenAppID RULES - Server returned error code 0

Scheduled Pinned Locked Moved IDS/IPS
4 Posts 2 Posters 592 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • E
    EWBtCiaST
    last edited by Nov 25, 2017, 1:42 PM

    I've been unable to download the OpenAppID RULES for about 6 weeks due to the following error code - Server returned error code 0. All of the other rules update every day.

    I've also deleted the Snort package and re-installed it and restored pfSense to a versus where Snort had previously updated all rules.

    1 Reply Last reply Reply Quote 0
    • B
      bmeeks
      last edited by Nov 25, 2017, 5:50 PM

      @EWBtCiaST:

      I've been unable to download the OpenAppID RULES for about 6 weeks due to the following error code - Server returned error code 0. All of the other rules update every day.

      I've also deleted the Snort package and re-installed it and restored pfSense to a versus where Snort had previously updated all rules.

      Read the warning notice on the screen where you select the download of the OpenAppID rules.  They are currently maintained by a volunteer contributor and are hosted on a University web site in Brazil.  That University uses geo-blocking software to protect their web assets.  Thus some countries and IP blocks will find themselves blocked by that system.

      That may well be the case for you.  I hear some work is going going to maybe get these volunteer rules hosted elsewhere.  If that happens, the geo-blocking issue should go away.

      Bill

      1 Reply Last reply Reply Quote 0
      • E
        EWBtCiaST
        last edited by Nov 25, 2017, 6:13 PM

        Bill,

        Thanks for the reply. I don't think that's the problem as I'm in the U.S. and I was just able to download the rules using a test virtual machine with the same public IP as the one that doesn't work.

        1 Reply Last reply Reply Quote 0
        • B
          bmeeks
          last edited by Nov 26, 2017, 1:24 PM Nov 26, 2017, 1:18 PM

          @EWBtCiaST:

          Bill,

          Thanks for the reply. I don't think that's the problem as I'm in the U.S. and I was just able to download the rules using a test virtual machine with the same public IP as the one that doesn't work.

          Are you running any other blocking packages?  pfBlockerNG, for example.  Some of the IP lists there have blocked access to rules downloads for folks using them.  Do you have a proxy of some sort in use?

          The download process is just a simple call to the curl() functions in PHP with the rules URL.  The exact same code is used for all the rules downloads, so if one works that means the underlying code is good.  Otherwise, no downloads would work.

          Bill

          1 Reply Last reply Reply Quote 0
          4 out of 4
          • First post
            4/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received