Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort subscriber rules failing to download

    Scheduled Pinned Locked Moved IDS/IPS
    4 Posts 3 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      garyd
      last edited by

      I'm seeing some curious behavior here:

      Starting rules update... Time: 2021-12-23 17:38:25
      Downloading Snort Subscriber rules md5 file snortrules-snapshot-29180.tar.gz.md5...
      Snort Subscriber rules md5 download failed.
      Server returned error code 422.
      Server error message was:
      Snort Subscriber rules will not be updated.
      Downloading Emerging Threats Open rules md5 file emerging.rules.tar.gz.md5...
      Checking Emerging Threats Open rules md5 file...
      Emerging Threats Open rules are up to date.

      Yet when I go to look at what's at snort.org, here are the versions available to download:

      snortrules-snapshot-29171.tar.gz
      snortrules-snapshot-29181.tar.gz
      snortrules-snapshot-29190.tar.gz

      Where is it getting the package version and why is it failing to find one that exists?

      fireodoF 1 Reply Last reply Reply Quote 1
      • fireodoF
        fireodo @garyd
        last edited by

        @garyd said in Snort subscriber rules failing to download:

        Where is it getting the package version and why is it failing to find one that exists?

        You have to update your Snort Package to version 4.1.5 :-)

        Merry Christmas
        fireodo

        Kettop Mi4300YL CPU: i5-4300Y @ 1.60GHz RAM: 8GB Ethernet Ports: 4
        SSD: SanDisk pSSD-S2 16GB (ZFS) WiFi: WLE200NX
        pfsense 2.8.0 CE
        Packages: Apcupsd, Cron, Iftop, Iperf, LCDproc, Nmap, pfBlockerNG, RRD_Summary, Shellcmd, Snort, Speedtest, System_Patches.

        1 Reply Last reply Reply Quote 0
        • bmeeksB
          bmeeks
          last edited by

          As @fireodo stated, you will need to update the Snort package to version 4.1.5. That package contains the latest 2.9.19.0 version of the Snort binary.

          Snort rules are tied to the binary version. And periodically the Snort team drops support for older binaries, and thus those rules are also removed from the download site.

          G 1 Reply Last reply Reply Quote 0
          • G
            garyd @bmeeks
            last edited by

            That fixed it — thanks everyone & happy holidays!

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.