4. Snort raw rule downloads

Snort raw rule downloads

  • J

    When the pfSense Snort package downloads rule updates, does it save the raw files (either the tarball it downloads from Snort/ET, or the extracted files from those tarballs) somewhere accessible via SSH?

    I find that sometimes it's easier to grep a rule file for a specific rule to see references, etc. than it is to do so through the web gui.

    0

  • The entire tarball is not saved (it is downloaded to and extracted in a folder under /tmp and then deleted).  However, the individual rules files (category files) extracted from the raw tarball are save here on the firewall:  /usr/pbi/snort-amd64/etc/snort/rules.  Change the amd64 to i386 if you have a 32-bit install.

    Bill

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy