Diffstat (limited to 'pulledpork.conf')
-rw-r--r-- | pulledpork.conf | 39 |
1 files changed, 20 insertions, 19 deletions
diff --git a/pulledpork.conf b/pulledpork.conf
index 11f7a6a510b8..fe168247485d 100644
--- a/pulledpork.conf
+++ b/pulledpork.conf
@@ -19,14 +19,12 @@
 #rule_url=https://www.snort.org/reg-rules/|snortrules-snapshot.tar.gz|<oinkcode>
 # NEW Community ruleset:
 #rule_url=https://snort.org/downloads/community/|community-rules.tar.gz|Community
-# NEW For IP Blacklisting! Note the format is urltofile|IPBLACKLIST|<oinkcode>
-# This format MUST be followed to let pulledpork know that this is a blacklist
-#rule_url=https://talosintelligence.com/documents/ip-blacklist|IPBLACKLIST|open
-# URL for rule documentation! (slow to process)
-#rule_url=https://snort.org/downloads/community/|opensource.gz|Opensource
-rule_url=https://rules.emergingthreats.net/|emerging.rules.tar.gz|open
+# NEW For IP Block lists! Note the format is urltofile|IPBLOCKLIST|<oinkcode>
+# This format MUST be followed to let pulledpork know that this is a blocklist
+#rule_url=https://snort.org/downloads/ip-block-list|IPBLOCKLIST|open
 # THE FOLLOWING URL is for emergingthreats downloads, note the tarball name change!
 # and open-nogpl, to avoid conflicts.
+rule_url=https://rules.emergingthreats.net/|emerging.rules.tar.gz|open
 #rule_url=https://rules.emergingthreats.net/|emerging.rules.tar.gz|open-nogpl
 # THE FOLLOWING URL is for etpro downloads, note the tarball name change!
 # and the et oinkcode requirement!
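Review bot: The third-field keyword on the commented IP-list `rule_url` changes from `IPBLACKLIST` to `IPBLOCKLIST`, and nothing in the new comment tells operators that existing configs need editing. If the script matches only the new spelling (not visible in this diff), a pulledpork.conf carried over from 0.7.3 would presumably stop having its reputation feed treated as an IP list, leaving the sensor on stale data with no obvious error. The same applies to the `black_list` → `block_list` key in the @@ -124 hunk. Suggest adding a line such as `# NOTE: IPBLOCKLIST replaces the IPBLACKLIST keyword used up to 0.7.3; update existing rule_url lines` here and an equivalent note above `#block_list=`, or stating that the old spellings are still accepted if that is the case.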
@@ -124,22 +122,25 @@ config_path=/etc/snort/snort.conf
 # Define your distro, this is for the precompiled shared object libs!
 # Valid Distro Types:
-# Debian-6-0, Ubuntu-10-4
-# Ubuntu-12-04, Centos-5-4
-# FC-12, FC-14, RHEL-5-5, RHEL-6-0
-# FreeBSD-8-1, FreeBSD-9-0, FreeBSD-10-0
-# OpenBSD-5-2, OpenBSD-5-3
-# OpenSUSE-11-4, OpenSUSE-12-1
-# Slackware-13-1
-#distro=FreeBSD-8.1
+# Alpine-3-10
+# Centos-6, Centos-7, Centos-8
+# Debian-8, Debian-9, Debian-10
+# FC-27, FC-30
+# FreeBSD-11, FreeBSD-12
+# OpenBSD-6-2, OpenBSD-6-4, OpenBSD-6-5,
+# OpenSUSE-15-0, OpenSUS-15-1, OpenSUSE-42-3
+# RHEL-6, RHEL-7, RHEL-8
+# Slackware-14-2
+# Ubuntu-14-4, Ubuntu-16-4, Ubuntu-17-10, Ubuntu-18-4
+#distro=FreeBSD-12
 ####### This next section is optional, but probably pretty useful to you.
 ####### Please read thoroughly!
 # If you are using IP Reputation and getting some public lists, you will probably
-# want to tell pulledpork where your blacklist file lives, PP automagically will
+# want to tell pulledpork where your blocklist file lives, PP automagically will
 # de-dupe any duplicate IPs from different sources.
-#black_list=/etc/snort/rules/iplists/default.blacklist
+#block_list=/etc/snort/rules/iplists/default.blocklist
 # IP Reputation does NOT require a full snort HUP, it introduces a concept whereby
 # the IP list can be reloaded while snort is running through the use of a control
@@ -147,7 +148,7 @@ config_path=/etc/snort/snort.conf
 # -enable-shared-rep and --enable-control-socket. Be sure to read about how to
 # configure these! The following option tells pulledpork where to place the version
 # file for use with control socket ip list reloads!
-# This should be the same path where your black_list lives!
+# This should be the same path where your block_list lives!
 #IPRVersion=/etc/snort/rules/iplists
 # The following option tells snort where the snort_control tool is located.
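Review bot: `OpenSUS-15-1` in the new "Valid Distro Types" list is missing its final `E`. Anyone copying it into `distro=` would get a value that presumably matches no precompiled shared-object directory, so so_rules for that host could go unprocessed without a clear error. The line should read `# OpenSUSE-15-0, OpenSUSE-15-1, OpenSUSE-42-3`, and the stray trailing comma on `# OpenBSD-6-2, OpenBSD-6-4, OpenBSD-6-5,` can be dropped at the same time.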
@@ -191,7 +192,7 @@ config_path=/etc/snort/snort.conf
 # numbers. ET rules are now also dependant on this, verify supported ET versions
 # prior to simply throwing rubbish in this variable kthx!
 #
-# Suricata users - set this to 'suricata-3.x.x' to process rule files
+# Suricata users - set this to 'suricata-5.x.x' to process rule files
 # for suricata, this mimics the -S flag on the command line.
 #
 snort_version=2.9.0.0
@@ -212,4 +213,4 @@ modifysid=/etc/pulledpork/modifysid.conf
 ####### need to process so_rules, simply comment out the so_rule section
 ####### you can also specify -T at runtime to process only GID 1 rules.
-version=0.7.3
+version=0.7.4 |