Diffstat (limited to 'pulledpork.conf')
-rw-r--r-- | pulledpork.conf | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/pulledpork.conf b/pulledpork.conf
index afb5a0aec05c..11f7a6a510b8 100644
--- a/pulledpork.conf
+++ b/pulledpork.conf
@@ -18,13 +18,13 @@
 # i.e. url|tarball|123456789,
 #rule_url=https://www.snort.org/reg-rules/|snortrules-snapshot.tar.gz|<oinkcode>
 # NEW Community ruleset:
-#rule_url=https://s3.amazonaws.com/snort-org/www/rules/community/|community-rules.tar.gz|Community
+#rule_url=https://snort.org/downloads/community/|community-rules.tar.gz|Community
 # NEW For IP Blacklisting! Note the format is urltofile|IPBLACKLIST|<oinkcode>
 # This format MUST be followed to let pulledpork know that this is a blacklist
-#rule_url=http://talosintel.com/files/additional_resources/ips_blacklist/ip-filter.blf|IPBLACKLIST|open
+#rule_url=https://talosintelligence.com/documents/ip-blacklist|IPBLACKLIST|open
 # URL for rule documentation! (slow to process)
-#rule_url=https://www.snort.org/reg-rules/|opensource.gz|<oinkcode>
-rule_url=https://rules.emergingthreatspro.com/|emerging.rules.tar.gz|open
+#rule_url=https://snort.org/downloads/community/|opensource.gz|Opensource
+rule_url=https://rules.emergingthreats.net/|emerging.rules.tar.gz|open
 # THE FOLLOWING URL is for emergingthreats downloads, note the tarball name change!
 # and open-nogpl, to avoid conflicts.
 #rule_url=https://rules.emergingthreats.net/|emerging.rules.tar.gz|open-nogpl
@@ -180,7 +180,7 @@ config_path=/etc/snort/snort.conf
 # Define the path to the pid files of any running process that you want to
-# HUP after PP has completed its run.
+# sent a signal (specified with -H option) after PP has completed its run.
 # pid_path=/var/run/snort.pid,/var/run/barnyard.pid,/var/run/barnyard2.pid
 # and so on...
 # pid_path=/var/run/snort_eth0.pid
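Review bot: Nothing near the `rule_url` lines tells an operator that every feed host changed in this commit, including the only enabled one, which now points at `rules.emergingthreats.net`. On a sensor whose outbound traffic is filtered or proxied, the new hosts will presumably be blocked until the allowlist is updated, and a failed fetch leaves the IDS running on stale rules. A one-line comment above the active entry would cover it, for example `# Feed hosts: snort.org, talosintelligence.com, rules.emergingthreats.net - allow these outbound over HTTPS.` It is also worth confirming after the upgrade that a run actually downloads a fresh tarball rather than reusing the old one.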
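Review bot: The rewritten comment on `pid_path` no longer reads as a sentence: "any running process that you want to / sent a signal" has a typo and a dangling "to". Since this line is the only hint that the signal is now selectable, I would word it as `# signal (chosen with the -H option) after PP has completed its run.` so that it continues the preceding line cleanly.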
@@ -190,6 +190,9 @@ config_path=/etc/snort/snort.conf
 # This value MUST contain all 4 minor version
 # numbers. ET rules are now also dependant on this, verify supported ET versions
 # prior to simply throwing rubbish in this variable kthx!
+#
+# Suricata users - set this to 'suricata-3.x.x' to process rule files
+# for suricata, this mimics the -S flag on the command line.
 # snort_version=2.9.0.0
 # Here you can specify what rule modification files to run automatically.
@@ -209,4 +212,4 @@ modifysid=/etc/pulledpork/modifysid.conf
 ####### need to process so_rules, simply comment out the so_rule section
 ####### you can also specify -T at runtime to process only GID 1 rules.
-version=0.7.2
+version=0.7.3 |
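Review bot: The added Suricata comment sits directly under "This value MUST contain all 4 minor version numbers", yet its example `'suricata-3.x.x'` has three components and does not say whether `x.x` is literal or a placeholder. The context lines state that ET rule selection depends on this value, so a wrong guess may pull a rule set that does not match the running engine. I would spell it out, for example `# (replace x.x with your installed release; the 4-number rule above is for Snort values)`, once the second half is confirmed against how `-S` parses the string. The only sample setting, `# snort_version=2.9.0.0`, is still Snort-only, so a commented Suricata sample line beside it would help too.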