No subject

Thu Nov 23 16:36:19 EST 2017

  ghosts:tmp {114} tar -zxvf ~erek/snortrules.tar.gz
  ghosts:tmp {115} cd rules
  ghosts:rules {116} grep 'flow:' *.rules
  ghosts:rules {117}

If you see "flow:" in any of your rulesets, then you grabbed the 'wrong' rules
for 1.8.6.  You've somehow ended up with the 1.9 rulesets. should be the definitive site for all your snort rule needs.  :)
Hrmmmm....  "The Best Damn Snort Show Ever"...  I wonder if ESPN would like
that very much?  ;-)

Hope that helps!

Erek Adams

More information about the Snort-users mailing list