[Oisf-users] documentation error

Francis Trudeau ftrudeau at emergingthreats.net
Fri Dec 30 18:48:25 UTC 2016


Is correct.

$ wget -q https://rules.emergingthreats.net/open/suricata-3.2/emerging.rules.tar.gz
$ wget -q https://rules.emergingthreats.net/open/suricata-1.3/emerging.rules.tar.gz
$ md5sum *
bf8ff78e4136bf76963e617fe7187929  emerging.rules.tar.gz
bf8ff78e4136bf76963e617fe7187929  emerging.rules.tar.gz.1

We use modrewite to make sure that goes to the right place, which is
to the 1.3 branch, which is latest at this time.  When we fork to 3.2
or whatnot, we will make it so that goes to the correct place after
the fork.

Essentially, always use your version in the url, if we fork later, and
your version is included in the fork, you will get the forked rules.

I hope that makes sense.


On Fri, Dec 30, 2016 at 12:56 AM, Vieri <rentorbuy at yahoo.com> wrote:
> ----- Original Message -----
>> From: Victor Julien <lists at inliniac.net>
>> It works for me.
> OK, it seems to work me now too.
> In any case, the "outdated" site at
> https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Rule_Management_with_Oinkmaster states that you should use:
> http://rules.emergingthreats.net/open/suricata/emerging.rules.tar.gz
> while the new site at
> http://suricata.readthedocs.io/en/latest/rule-management/oinkmaster.html
> states that you should use:
> https://rules.emergingthreats.net/open/suricata-3.2/emerging.rules.tar.gz
> I didn't diff to check if the download result is the same but I guess I should just stick to what readthedocs says.
> Thanks.
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users

More information about the Oisf-users mailing list