Hi there
when I click on “download rules” button, I see this in my messages log:
Oct 31 11:20:27 mail2 esmith::event[48715]: #011Error 404 when fetching https://rules.emergingthreats.net/open-nogpl/suricata/emerging.rules.tar.gz.md5 at /usr/bin/pulledpork line 534.
Oct 31 11:20:27 mail2 esmith::event[48715]: #011main::md5file(‘open-nogpl’, ‘emerging.rules.tar.gz’, ‘/tmp/’, ‘https://rules.emergingthreats.net/open-nogpl/suricata/’) called at /usr/bin/pulledpork line 2006
Oct 31 11:20:27 mail2 esmith::event[48715]: IP Blacklist download of http://talosintelligence.com/feeds/ip-filter.blf…
Oct 31 11:20:27 mail2 esmith::event[48715]: Reading IP List…
Oct 31 11:20:27 mail2 esmith::event[48715]: Checking latest MD5 for emerging.rules.tar.gz…
Oct 31 11:20:27 mail2 esmith::event[48715]: #011A 404 error occurred, please verify your filenames and urls for your tarball!
Oct 31 11:20:27 mail2 suricata: 31/10/2017 – 11:20:27 - - rule reload starting
Oct 31 11:20:27 mail2 suricata: 31/10/2017 – 11:20:27 - - [ERRCODE: SC_ERR_INVALID_ARGUMENT(13)] - Invalid rule-files configuration section: expected a list of filenames.
Oct 31 11:20:27 mail2 suricata: 31/10/2017 – 11:20:27 - - [ERRCODE: SC_ERR_EVENT_ENGINE(210)] - can’t suppress sid 2022913, gid 1: unknown rule
Oct 31 11:20:27 mail2 suricata: 31/10/2017 – 11:20:27 - - [ERRCODE: SC_ERR_EVENT_ENGINE(210)] - can’t suppress sid 2011124, gid 1: unknown rule
Oct 31 11:20:27 mail2 suricata: 31/10/2017 – 11:20:27 - - rule reload complete
taking a look at remote dir, I see:
as you can see the path is changed