Snort Rules Update Problem: snort rules: md5 signature of rules mismatch.

  • Hello All,

    I have pfsense 1.2.2 and install snort.Snort success installation but dont update.
    Oinkmaster code have, i go to snort update page an error  "Snort success installation but dont update."

    I manuel download and update snort rule, is read documant :'t_snort_properly_download_rules%3F

    then snort rule come rule and categori page but dont starting snor  :'(

    Reboot pfsense but dont start snort service.

    I use command on ssh : /usr/local/etc/rc.d/ start

    Snort service starting but, testing snort a attack then snort service stoped …

    I scanning snort wan interface port (nmap) ana ftp request (netcat) but Snor dont aler and logging  :-\

    What is my problem. I uninstall snort and reinstall snort after delete pfsense.
    İnstall new pfsense and snort but i problem ongoing :S

    What is the problem, How do I solve.

    Thansk for relation

  • Rebel Alliance Developer Netgate

    This has been asked and answered a few other times in the last few days. Sourcefire is reorganizing their web site and a representative from there has stated that this is likely a side effect.

    Once their new site is up it should either fix itself, or a fix will need to be made to the package, but right now everything is in a holding pattern until they finish what they are doing.

  • im also encountering the same issue, now i know what is the cause.

    thanks for the reply

    more power to your team  :)

  • Rebel Alliance Developer Netgate

    I haven't tried it myself, but I saw a commit go in earlier today that was supposed to fix this.

    My guess is if you update your snort package again and then try to reload the rules, it should work.

  • looks like its fixed. i uninstalled and reinstalled snort on pfsense 1.2.2 and the rules download now.

  • Rebel Alliance Developer Netgate

    I added a note about this to the Doc Wiki for future reference.