[Snort-users] What is ruletype type good for?

carold at ...158... carold at ...158...
Fri Jul 5 09:41:06 EDT 2002


I am unable to find out what is the functional significance of "type alert"
or "type log" in "ruletype". My assumption was that it sets processing
priority for rules of this type but this is not the case. Even if I have "ruletype
myalert" of "type alert" Snort will process these rules as
alert->pass->log->myalert, which does not make sense in my mind.

Could anybody clarify?


-- 
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net





More information about the Snort-users mailing list