[Snort-devel] snort 3.0 rule parser via Lua

Jun Xiao xiaojuntime at ...2499...
Mon Jul 7 04:01:54 EDT 2008


Hi All,

I have a question about the Lua usage in snort 3.0.
As Marty mentioned at
http://securitysauce.blogspot.com/2007/11/snort-30-architecture-series-part-1.html:
"The command shell is running the Lua scripting language, a
lightweight embeddable scripting language that is fast and portable as
well as being very nice for implementing Domain Specific Languages. If
Snort's parser wasn't one of your favorite features in the past you
should definitely like this change! For those of you wondering if
Snort 3.0 will handle Snort's existing rules language, of course it
will. We're not planning on throwing out 9 years of accumulated
detection functionality!"

For the source code, I can not find the code for parsing snort rule by
Lua, so I am wondering if this is already supported in snort 3.0 beta
or still under planning?

Thanks,
Jun




More information about the Snort-devel mailing list