[Snort-sigs] update of snort rules with pcre
frank at ...1978...
Fri Oct 24 21:25:19 EDT 2003
On Thu, 2003-10-23 at 03:25, Martin Olsson wrote:
> I hear you're talking about checking out rules via CVS instead of
> downloading the tar.gz.
> Two questions:
> 1. Are the rules in CVS more frequently updated than the stable.tar.gz, or
> is the tar-file automaticly created from CVS every day?
Sorry, I don't have the answer for that, but I thought the tar was
rolled from CVS daily.
> 2. What is the best command to download only the rules, not the entire
> snort distribution from CVS? (http://www.snort.org/source.html only
> state how to download the entire thing)
You need two directories, rules and etc (for the sid files). Following
command would work:
# cvs -d :pserver:anonymous at cvs.snort.sourceforge.net:/cvsroot/snort co
-r SNORT_2_0 snort/etc snort/rules
Then just use a script to move/copy the rules and the pertinent files
from etc (i.e. sid-msg.map) into your production Snort dir. Note that
above will check out 2.0 rules, not HEAD :)
Hope this helps,
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 187 bytes
Desc: This is a digitally signed message part
More information about the Snort-sigs