higgins1 at mts.net higgins1 at mts.net
Fri Aug 27 13:32:02 UTC 2010


Finally got a chance to check the fix for rule 2011288, and it does not error now.

On another note, I have noticed that there are a significant number of rules in the snort 2.8.6 rule set that throw various different different errors on startup and are subsequently disabled or modified to permit suricata to start, which is great by the way.

for example 
[ERRCODE: SC_ERR_INVALID_ARGUMENT(13)] - DetectFastPatternSetup: fast_pattern shouldn't be supplied with a value
[ERRCODE: SC_WARN_COMPATIBILITY(159)] - http_uri cannot be used with "fast_pattern" currently.Unsetting fast_pattern on this modifier.
[ERRCODE: SC_ERR_UNKNOWN_REGEX_MOD(129)] - unknown regex modifier 'H'

Is there a specific snort version of rules to use with suricata, or is this simply snort changing some options that suricata has not implemented yet.

Keep up the good work.


More information about the Oisf-users mailing list