[Snort-users] [snort-user] About Text rule parsing

Mayur Patil ram.nath241089 at ...11827...
Sun Sep 15 14:58:05 EDT 2013


    I am having one query regarding text rules parsing in rule generator.

  1. detection_filter:track by_src,count 25, seconds 2;  gives error of

       no valid rules to convert.

   2. The negation (!) sign also get ignored by the text rule parser like


   while text rules are working actually to detect intrusion activities;

   then why generator is nor parsing them ?

   Seeking for guidance,

   Thanks !!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20130916/c8a68d59/attachment.html>

More information about the Snort-users mailing list