[Snort-devel] Snort FAQ 3.15: snortpp

Chris Green cmg at ...835...
Wed Oct 23 05:10:05 EDT 2002


Jan Ploski <jpljpl at ...578...> writes:

> Hello,
>
> I am reading the FAQ:
>
>> 3.15
>>
>> Q: Where does one obtain new/modifed rules? How do you merge them in?
>> 
>> A: New rules can be downloaded via CVS (See 3.16) or alternatively may
>> be found at www.snort.org. There is a mailing list dedicated to snort
>> rules, called snort-sigs hosted at sourceforge. To merge in new rules
>> check out the snortpp program in the snort/contrib directory in the
>> snort source archive.
>
> I am looking into snort/contrib of the 1.9.0 release and notice:
>
> 1. snortpp.c is there
> 2. It is not described in the README (other programs are).
> 3. It is not documented in the source code.
> 4. It includes a file "splay.c", which is not part of the release.
>
> My conclusion: this program is probably outdated. It should be either
> removed and not mentioned at all in the FAQ or the answer should point
> to information about how to actually compile and use this utility,
> otherwise it's waste of time.

Thanks,

We'll modify this to talk about oinkmaster type programs instead.
-- 
Chris Green <cmg at ...402...>
To err is human, to moo bovine.




More information about the Snort-devel mailing list