Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Syntax error with OpenAppID http://files.pfsense.org/openappid/appid_rules.tar.g

    Scheduled Pinned Locked Moved pfSense Packages
    2 Posts 2 Posters 443 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rcmpayne
      last edited by

      I see a syntax error with two files missing the ) on the end and causing me to fails to start my snort when this is enabled

      Enable RULES OpenAppID

      File: http://files.pfsense.org/openappid/appid_rules.tar.gz

      Searching for: inskin_media

      \appid_rules\appid.rules(2): alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"inskin_media";flow:from_client;appid:inskin_media; sid:71780 ; classtype:misc-activity; rev:1;

      \appid_rules\openappid-ads.rules(2): alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"inskin_media";flow:from_client;appid:inskin_media; sid:71780 ; classtype:misc-activity; rev:1;

      1 Reply Last reply Reply Quote 0
      • S
        StarkJohan
        last edited by

        This rule is in openappid-ads.rules. Disable it temporarily until it has been fixed. The problem is that there's the same error on this rule as well:
        I can't seem to find the SID in any of the openappid categories… ?

        alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"scribd_upload";flow:from_client;appid:scribd_upload; sid:71443 ; classtype:misc-activity; rev:1

        Edit: Seems many rules have the same problem at the present time: https://forum.pfsense.org/index.php?topic=79855.msg771713#msg771713

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.