3. Syntax error with OpenAppID http://files.pfsense.org/openappid/appid_rules.tar.g

Syntax error with OpenAppID http://files.pfsense.org/openappid/appid_rules.tar.g

  • R

    I see a syntax error with two files missing the ) on the end and causing me to fails to start my snort when this is enabled

    Enable RULES OpenAppID

    File: http://files.pfsense.org/openappid/appid_rules.tar.gz

    Searching for: inskin_media

    \appid_rules\appid.rules(2): alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"inskin_media";flow:from_client;appid:inskin_media; sid:71780 ; classtype:misc-activity; rev:1;

    \appid_rules\openappid-ads.rules(2): alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"inskin_media";flow:from_client;appid:inskin_media; sid:71780 ; classtype:misc-activity; rev:1;

    0
  • S

    This rule is in openappid-ads.rules. Disable it temporarily until it has been fixed. The problem is that there's the same error on this rule as well:
    I can't seem to find the SID in any of the openappid categories… ?

    alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"scribd_upload";flow:from_client;appid:scribd_upload; sid:71443 ; classtype:misc-activity; rev:1

    Edit: Seems many rules have the same problem at the present time: https://forum.pfsense.org/index.php?topic=79855.msg771713#msg771713

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy