<p>Hi Brant, <br>
It would be helpful if you could some info regarding this frome your suricata.log file, if possible, if you have configured that in your yaml file.</p>
<p>Thank you</p>
<div class="gmail_quote">On 11 Jul 2011 17:24, "Brant Wells" <<a href="mailto:bwells@tfc.edu">bwells@tfc.edu</a>> wrote:<br type="attribution">> Hi All,<br>> <br>> Not sure if this should be posted on the dev list or the users lists, so I<br>
> thought I'd ask here first...<br>> <br>> I'd like to use the Emerging Threats open rule sets for Suricata. However,<br>> when I updated the rules, now when I run Suricata, with --init-errors-fatal,<br>
> I get<br>> <br>> [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - Error parsing signature "alert udp<br>> $EXTERNAL_NET any -> $HOME_NET 514 (msg:"ET DOS Cisco 514 UDP flood DoS";<br>> content:"|25 25 25 25 25 58 58 25 25 25 25 25|"; classtype: attempted-dos;<br>
> reference:url,<a href="http://www.cisco.com/warp/public/707/IOS-cbac-dynacl-pub.shtml">www.cisco.com/warp/public/707/IOS-cbac-dynacl-pub.shtml</a>;<br>> reference:url,<a href="http://doc.emergingthreats.net/bin/view/Main/2000010">doc.emergingthreats.net/bin/view/Main/2000010</a>; reference:url,<br>
> <a href="http://www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/DOS/DOS_Cisco_514_UDP_DoS">www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/DOS/DOS_Cisco_514_UDP_DoS</a>;<br>> sid:2000010; rev:11;)" from file /etc/suricata/rules/emerging-dos.rules at<br>
> line 54<br>> <br>> A ton of rule errors like that. How can I find / fix them? I am running<br>> 1.1 beta 2 (rev 047b19d) from the git repo...<br>> <br>> See Yas!<br>> ~Brant<br></div>