Hello
The honeywall is updating snort rules using Oinkmaster. But the Oinkmaster by default don't update the sidmap file for snort, so new update rules will not be named (displayed as "unknown signature") in the walleye interface. The script "hwruleupdate" should need to run the following command after update the snort rules: create-sidmap.pl /etc/snort/rules/ > /etc/snort/sid-msg.map Brgds. nelson
_______________________________________________ Honeywall mailing list [email protected] https://public.honeynet.org/mailman/listinfo/honeywall
