Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: rule chains

From: Erek Adams <erek () snort org>
Date: Sun, 6 Apr 2003 21:39:58 -0500 (EST)
On Sun, 7 Apr 2003, Derya Sezen wrote:


Is it possible to define a rule chain in Snort? I mean to make an event
if a set of rules matches, for example:
We have find a traffic with consists of 3 packets:
client -> server
server -> client
client -> server

each packet has its own specific information, like the content...

If we see a traffic like that, between a client and a server, we want to
define event, a log or a flex response...

If it is possible, how can i do it!?


Activate/Dynamic rule [0].

-----
Erek Adams

   "When things get weird, the weird turn pro."   H.S. Thompson

[0]     http://www.snort.org/docs/writing_rules/chap2.html#tth_sEc2.2.6


-------------------------------------------------------
This SF.net email is sponsored by: ValueWeb: 
Dedicated Hosting for just $79/mo with 500 GB of bandwidth! 
No other company gives more support or power for your dedicated server
http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: