[Snort-users] BASE Feature Suggestion to Display Rule Source
Alex Butcher, ISC/ISYS
Alex.Butcher at ...11254...
Fri Oct 7 07:57:51 EDT 2005
Hi John -
--On 07 October 2005 08:37 -0500 "McCash, John" <John.McCash at ...10979...>
> Woo! Woo!! Thanks loads. This works great, once you fix the typo
> that refers to base_constants.inc.pnp instead of base_constants.inc.php.
Oops! Mea culpa!
Kevin, this isn't in base-php4 CVS yet, so before you apply these patches,
please check that you don't include that typo before you do. ;-)
> Also, I'd think you'd want it to pop a separate window, rather than load
> in the current one, as all of the other signature reference links do.
> Please don't think I'm throwing rocks. I'm not. This is great, and I'm
> using it now. I salaam in your general direction :-)
Easy enough to do; just add
or something to the URL on line 275 of includes/base_signature.inc
> Much Appreciation
> -----Original Message-----
> From: Alex Butcher, ISC/ISYS [mailto:Alex.Butcher at ...11254...]
> Sent: Friday, September 16, 2005 3:42 AM
> To: McCash, John; snort-users at lists.sourceforge.net
> Subject: Re: [Snort-users] BASE Feature Suggestion to Display Rule
> --On 15 September 2005 18:18 -0500 "McCash, John"
> <John.McCash at ...10979...>
>> From the BASE config file, it looks like the <snort> tag is more
>> or less just forwarded to the sourcefire URL with a sid number, and
>> resultant page is displayed. It strikes me (as a non PHP programmer,
>> flames please) that it should not be terribly difficult to have BASE
>> instead display a web page with two frames, and put the sourcefire
>> in one, while simultaneously displaying the full text of the
>> rule (pulled from a locally maintained copy of all rules in use) in
> Indeed - I did this for my local copy of ACID about a year ago. I ported
> patch to BASE a few weeks back. Kevin basically liked it, but wanted to
> tweak it slightly to allow the location of the rules to be modified.
> I guess it might show up in the next release.
> I've attached my patch against 1.1.4, FWIW.
> Best Regards,
Alex Butcher: Security & Integrity, Personal Computer Systems Group
Information Systems and Computing GPG Key ID: F9B27DC9
GPG Fingerprint: D62A DD83 A0B8 D174 49C4 2849 832D 6C72 F9B2 7DC9
More information about the Snort-users