Snort mailing list archives

Previous By Date Next
Previous By Thread Next

One liner to generate map file from rules.

From: Dragos Ruiu <dr () kyx net>
Date: Tue, 27 Aug 2002 13:06:43 +0000
If in doubt...

 cat *rules  | grep "msg:" | sed -e 's/^.*msg:\"//' | sed -e 's/\"\;.*sid:/%/' 
| sed -e 's/\;.*$/ || /' |  awk -F'%' ' { print $2 $1 }' >sid-msg.map

This will give you a map file from your rules.
It's not pretty but it is short... :-) I know I could
have used just one sed...but this works. :-)

Cheers,
--dr

-- 
dr () kyx net   pgp: http://dragos.com/kyxpgp
Advance CanSecWest/03 registration available: http://cansecwest.com
"The question of whether computers can think is like the question
  of whether submarines can swim." --Edsger Wybe Dijkstra 1930-2002



-------------------------------------------------------
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone?  Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: