Hi All,<div><br></div><div>Not sure if this should be posted on the dev list or the users lists, so I thought I'd ask here first...</div><div><br></div><div>I'd like to use the Emerging Threats open rule sets for Suricata. However, when I updated the rules, now when I run Suricata, with --init-errors-fatal, I get</div>
<div><br></div><div><div>[ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - Error parsing signature "alert udp $EXTERNAL_NET any -> $HOME_NET 514 (msg:"ET DOS Cisco 514 UDP flood DoS"; content:"|25 25 25 25 25 58 58 25 25 25 25 25|"; classtype: attempted-dos; reference:url,<a href="http://www.cisco.com/warp/public/707/IOS-cbac-dynacl-pub.shtml">www.cisco.com/warp/public/707/IOS-cbac-dynacl-pub.shtml</a>; reference:url,<a href="http://doc.emergingthreats.net/bin/view/Main/2000010">doc.emergingthreats.net/bin/view/Main/2000010</a>; reference:url,<a href="http://www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/DOS/DOS_Cisco_514_UDP_DoS">www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/DOS/DOS_Cisco_514_UDP_DoS</a>; sid:2000010; rev:11;)" from file /etc/suricata/rules/emerging-dos.rules at line 54</div>
</div><div><br></div><div>A ton of rule errors like that. How can I find / fix them? I am running 1.1 beta 2 (rev 047b19d) from the git repo...</div><div><br></div><div>See Yas!<br>~Brant</div><div><br></div><div><br></div>
<div><br></div>