pulledpork fixes

rule_url fixes. Also finally getting pulledpork via github. like I should have been doing a while ago.
yoramvandevelde · Oct 30, 2015 · 6065c6a · 6065c6a
1 parent 343bea1
commit 6065c6a
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 8 deletions.
diff --git a/...t - Ubuntu/autosnort-ubuntu-08-11-2015.sh → ...t - Ubuntu/autosnort-ubuntu-10-30-2015.sh b/...t - Ubuntu/autosnort-ubuntu-08-11-2015.sh → ...t - Ubuntu/autosnort-ubuntu-10-30-2015.sh
@@ -555,8 +555,8 @@ cp pulledpork.conf pulledpork.conf.orig
 
 echo "rule_url=https://www.snort.org/reg-rules/|snortrules-snapshot.tar.gz|$o_code" > pulledpork.tmp
 echo "rule_url=https://www.snort.org/reg-rules/|opensource.gz|$o_code" >> pulledpork.tmp
-echo "rule_url=https://s3.amazonaws.com/snort-org/www/rules/community/|community-rules.tar.gz|Community" >> pulledpork.tmp
-echo "rule_url=http://labs.snort.org/feeds/ip-filter.blf|IPBLACKLIST|open" >> pulledpork.tmp
+echo "rule_url=https://snort.org/downloads/community/|community-rules.tar.gz|Community" >> pulledpork.tmp
+echo "rule_url=http://talosintel.com/feeds/ip-filter.blf|IPBLACKLIST|open" >> pulledpork.tmp
 echo "ignore=deleted.rules,experimental.rules,local.rules" >> pulledpork.tmp
 echo "temp_path=/tmp" >> pulledpork.tmp
 echo "rule_path=$snort_basedir/rules/snort.rules" >> pulledpork.tmp

diff --git a/Autosnort - Ubuntu/autosnort-ubuntu-README.txt b/Autosnort - Ubuntu/autosnort-ubuntu-README.txt
@@ -28,12 +28,18 @@ Note: After the installation is complete, either secure the full_autosnort.conf
 ##############################
 autosnort-Ubuntu Release Notes
 ##############################
-Codename:"IM NOT DEAD YET! I FEEL HAPPY!"
 
-It works again! Also: new features!
+Current Release:autosnort-ubuntu-10-30-15-2015
 
-Current Release:autosnort-ubuntu-08-11-15-2013
+autosnort-ubuntu changes:
+-snort.org changed the rule_urls for the community ruleset as well as the IP blacklist set. This  made pulledpork angry. Fixed this.
+-speaking of pulledpork, we're finally pulling it from github, since googlecode has been "dead" for a while now.
+
+Current Release:autosnort-ubuntu-08-11-15-2015
 
+##################
+Previous Releases
+##################
 autosnort-ubuntu changes:
 -the installer uses libdumbnet-dev ubuntu package, and through creative symlinking (dumbnet.h to dnet.h) it works just fine. This means no longer having to download and compile libdnet from source anymore.
 -the installer also installs git as a core requirement package
@@ -73,9 +79,7 @@ Other Issues:
 --The scripts will remain and if there is enough demand, I could probably try to rig something together, but let me state for the record that this is a bad idea.
 
 -Since sguil automation seems to work, I'm probably going to build another script to install squert as well. I don't think this should be too difficult.
-##################
-Previous Releases
-##################
+
 autosnort-ubuntu-11-02-2014.sh
 
 autosnort-ubuntu changes: