[Snort-users] Oinkmaster v1.0 released.

Sat May 15 01:55:01 EDT 2004

Oinkmaster v1.0 has been released.


MD5: 1140fb5484944691268579ca7fc83518

PGP signature:

For those who don't know, Oinkmaster is a simple tool to update/manage
Snort signatures. The homepage is at http://oinkmaster.sourceforge.net/

Changes from v0.9:

o Default URL in distribution oinkmaster.conf is now
  http://www.snort.org/dl/rules/snortrules-snapshot-2_1.tar.gz. Don't
  forget to change it if it's not the right one for your version
  of Snort!
o You can now set "rule_actions = ..." in oinkmaster.conf to tell
  Oinkmaster what keywords are valid as the start of a Snort rule. Useful
  if you create your own ruletypes and want those lines to be regarded as
  rules instead of non-rule lines. If unset,
  "alert|drop|log|pass|reject|sdrop|activate|dynamic" will be used
  (same as before).
o You can now run without external binaries if you have the required
  Perl modules installed (Archive::Tar, IO::Zlib and LWP::UserAgent).
  You can set use_external_bins to 0 or 1 in oinkmaster.conf to override
  the default. 0 means to use the Perl modules, 1 means to use external
  binaries. It's set to 0 by default on Win32 (since the required
  Perl modules are already included in ActivePerl 5.8.1+), and 1 on other
  systems (i.e. same behavior as before). This makes it much easier to
  install Oinkmaster on Windows/ActivePerl. See the new default
  oinkmaster.conf for more information.
o A simple graphical multi-platform front-end to Oinkmaster written in
  Perl/Tk is included in the contrib directory (oinkgui.pl).
  See README.gui for more information. Screenshots are available on
  Oinkmaster's homepage.
o contrib/makesidex.pl has been rewritten to handle multi-line rules and
  multiple rules directories. It will now also include the rule's "msg"
  string as a comment on each disablesid line it prints. Usage syntax is
o The other contrib scripts have been improved with misc feature updates
  and small bug fixes as well. For example, addmsg.pl now handles
  multiple rules directories just like the others. All scripts now give
  a short description when run without arguments. Full descriptions can
  still be found in contrib/README.contrib.
o The new default oinkmaster.conf has been updated with more and better
  examples (mostly "modifysid" stuff).
o Slightly improved multi-line rule parsing.
o Perl version is checked on startup and must be >= 5.6.1.
o Permissions on all rules files in the output directory that are subject
  to being updated by Oinkmaster (i.e. files matching the "update_rules"
  regexp and that are not ignored by a "skipfile") are now checked
  before starting, so that we don't bail out in the middle of
  execution if a copy of an updated file should fail because of
  a permission problem.
o A manual page is now included which describes all the command
  line options in detail.
o Major documentation updates (INSTALL, README, README.win32, FAQ).
o Many other improvements.
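
The effect of the "rule_actions" setting described above, as an added example that is not part of the original announcement and is not Oinkmaster's own code (Oinkmaster is written in Perl): a simplified Python classifier that decides which lines count as rules. The regexp, the sample rules and the custom ruletype name "redalert" are assumptions made for illustration.

```python
import re

# Default keyword list quoted in the announcement (used when rule_actions is unset).
DEFAULT_ACTIONS = "alert|drop|log|pass|reject|sdrop|activate|dynamic"

# Constructed sample rules file; "redalert" is a hypothetical custom ruletype.
SAMPLE = r'''# Constructed sample rules file
alert tcp any any -> any 80 (msg:"constructed web rule"; sid:1000001; rev:1;)
#alert tcp any any -> any 21 (msg:"constructed disabled rule"; sid:1000002;)
alert tcp any any -> any 25 \
    (msg:"constructed multi-line rule"; \
    sid:1000003; rev:2;)
redalert tcp any any -> any 23 (msg:"constructed custom ruletype"; sid:1000004;)
var HOME_NET any
'''

def join_continuations(text):
    """Merge physical lines ending in a backslash into one logical line."""
    logical, buf = [], ""
    for raw in text.splitlines():
        line = raw.strip() if buf else raw.rstrip()
        if line.endswith("\\"):
            buf += line[:-1].rstrip() + " "
        else:
            logical.append(buf + line)
            buf = ""
    if buf:  # file ended in the middle of a continuation
        logical.append(buf.rstrip())
    return logical

def classify(text, rule_actions=DEFAULT_ACTIONS):
    """Return (kind, line) pairs; kind is 'rule', 'disabled' or 'other'."""
    # Simplified pattern (assumption, not Oinkmaster's regexp): optional '#',
    # an action keyword, a header, then an option body that carries a sid.
    pat = re.compile(r"^\s*(#*)\s*(?:%s)\s.+\(.*\bsid\s*:\s*\d+\s*;.*\)\s*$"
                     % rule_actions)
    out = []
    for line in join_continuations(text):
        m = pat.match(line)
        kind = "other" if not m else ("disabled" if m.group(1) else "rule")
        out.append((kind, line))
    return out

def counts(text, rule_actions=DEFAULT_ACTIONS):
    """Tally how many logical lines fall into each kind."""
    tally = {"rule": 0, "disabled": 0, "other": 0}
    for kind, _ in classify(text, rule_actions):
        tally[kind] += 1
    return tally
```

Calling counts(SAMPLE) with the default list treats the "redalert" line as a non-rule line; calling counts(SAMPLE, DEFAULT_ACTIONS + "|redalert") counts it as a rule.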


