Snort - ….rules(385) threshold (in rule) is deprecated;...

  • WARNING /usr/local/etc/snort/snort_?????_???/rules/emerging-attack_response.rules(385) threshold (in rule) is deprecated; use detection_filter instead.

    Dont know if this should be a feature request or not, but getting the above message which means* going to this sub group of rules and counting down the rules to noumber 385, so could the php be modified so that the rule number for each rule in the snort_rules.php web page can be shown so its easier and quicker to lookup when a warning like the above appears in the system logs?

    *Thats assuming I have intepreted the warning message correctly?

  • I dont now if something has changed but I'm now getting this error message:
    Warning: opendir(/usr/local/etc/snort/snort_28528_em0/rules/): failed to open dir: No such file or directory in /usr/local/www/snort/snort_rulesets.php on line 251 Warning: readdir(): supplied argument is not a valid Directory resource in /usr/local/www/snort/snort_rulesets.php on line 252 Warning: sort() expects parameter 1 to be array, null given in /usr/local/www/snort/snort_rulesets.php on line 255 Warning: Invalid argument supplied for foreach() in /usr/local/www/snort/snort_rulesets.php on line 256

    This is despite reformatting & reinstalling pfsense, downloading a new snort package. The other thing I have noticed is on the Services: Snort: Updates page, there is SNORT.ORG >>>  N/A instead of the usual alpha numerics. Is this possibly a side effect of this?

  • Doh wrong oinkcode.  ::)