Syntax error with OpenAppID http://files.pfsense.org/openappid/appid_rules.tar.g
-
I see a syntax error with two files missing the ) on the end and causing me to fails to start my snort when this is enabled
Enable RULES OpenAppID
File: http://files.pfsense.org/openappid/appid_rules.tar.gz
Searching for: inskin_media
\appid_rules\appid.rules(2): alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"inskin_media";flow:from_client;appid:inskin_media; sid:71780 ; classtype:misc-activity; rev:1;
\appid_rules\openappid-ads.rules(2): alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"inskin_media";flow:from_client;appid:inskin_media; sid:71780 ; classtype:misc-activity; rev:1;
-
This rule is in openappid-ads.rules. Disable it temporarily until it has been fixed. The problem is that there's the same error on this rule as well:
I can't seem to find the SID in any of the openappid categories… ?alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"scribd_upload";flow:from_client;appid:scribd_upload; sid:71443 ; classtype:misc-activity; rev:1
Edit: Seems many rules have the same problem at the present time: https://forum.pfsense.org/index.php?topic=79855.msg771713#msg771713