[Snort-sigs] (RE : rules update) Hope this help

David Bouscasse bouscasse_david at ...174...
Wed Dec 19 05:34:03 EST 2001


Hi pigs lovers,

Here's a sh script which look in a old rules set the
commented alerts, and comment them if any in a new
rule set. You can adapt it easily to add your own
rules in the new rule set. 

David

> Message: 1
> From: "Study List" <studylist at ...12...>
> To: snort-sigs at lists.sourceforge.net
> Date: Mon, 17 Dec 2001 22:03:45 +0000
> Subject: 
> 
> I am running the current version of snort and have
> spent the last 2 days 
> configuring it so that I dont log certain things.  I
> would like to update 
> the rules files withouth losing my changes that I
> have made to files like 
> web-misc.rules and icmp.rules.   I added custom
> rules to local.rules and 
> commented out or deleted rules from other files.
> 
> Any possible way to do this?  I tried diff and patch
> but it sees a commented 
> rule as being different than the original rule (as
> it is since it has a #).
> 
> adam
> 
> 

___________________________________________________________
Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
Yahoo! Courrier : http://courrier.yahoo.fr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: snort_rules_update.sh
Type: application/x-sh
Size: 2092 bytes
Desc: snort_rules_update.sh
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20011219/c6e17563/attachment.sh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: out.txt
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20011219/c6e17563/attachment.txt>


More information about the Snort-sigs mailing list