Snort mailing list archives
Oinkmaster v1.0 released.
From: Andreas Östling <andreaso () it su se>
Date: Sat, 15 May 2004 10:53:58 +0200 (CEST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, Oinkmaster v1.0 has been released. Download: http://prdownloads.sourceforge.net/oinkmaster/oinkmaster-1.0.tar.gz?download MD5: 1140fb5484944691268579ca7fc83518 PGP signature: http://oinkmaster.sourceforge.net/oinkmaster-1.0.tar.gz.asc For those who don't know, Oinkmaster is a simple tool to update/manage Snort signatures. The homepage is at http://oinkmaster.sourceforge.net/ Changes from v0.9: o Default URL in distribution oinkmaster.conf is now http://www.snort.org/dl/rules/snortrules-snapshot-2_1.tar.gz. Don't forget to change it if it's not the right one for your version of Snort! o You can now set "rule_actions = ..." in oinkmaster.conf to tell Oinkmaster what keywords are valid as the start of a Snort rule. Useful if you create your own ruletypes and want those lines to be regarded as rules instead of non-rule lines. If unset, "alert|drop|log|pass|reject|sdrop|activate|dynamic" will be used (same as before). o You can now run without external binaries if you have the required Perl modules installed (Archive::Tar, IO::Zlib and LWP::UserAgent). You can set use_external_bins to 0 or 1 in oinkmaster.conf to override the default. 0 means to use the Perl modules, 1 means to use external binaries. It's set to 0 by default on Win32 (since the required Perl modules are already included in ActivePerl 5.8.1+), and 1 on other systems (i.e. same behavior as before). This makes it much easier to install Oinkmaster on Windows/ActivePerl. See the new default oinkmaster.conf for more information. o A simple graphical multi-platform front-end to Oinkmaster written in Perl/Tk is included in the contrib directory (oinkgui.pl). See README.gui for more information. Screenshots are available on Oinkmaster's homepage. o contrib/makesidex.pl has been rewritten to handle multi-line rules and multiple rules directories. It will now also include the rule's "msg" string as a comment on each disablesid line it prints. Usage syntax is unchanged. o The other contrib scripts have been improved with misc feature updates and small bug fixes as well. For example, addmsg.pl now handles multiple rules directories just like the others. All scripts now give a short description when run without arguments. Full descriptions can still be found in contrib/README.contrib. o The new default oinkmaster.conf has been updated with more and better examples (mostly "modifysid" stuff). o Slightly improved multi-line rule parsing. o Perl version is checked on startup and must be >= 5.6.1. o Permission on all rules files in the output directory that are subject to become updated by Oinkmaster (i.e. files matching the "update_rules" regexp and that are not ignore by a "skipfile") are now checked before starting, so that we don't bail out in a middle of execution if a copy of an updated file should fail because of permission problem. o A manual page is now included which describes all the command line options in detail. o Major documentation updates (INSTALL, README, README.win32, FAQ). o Many other improvements. /Andreas -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (OpenBSD) iD8DBQFApdZgytHlY5LIf/YRAmRhAJ0ZJ4AQmw2L4EdKj4mT/i1Vgvg9iACfceK+ yBXMWha7bEyHlv4ZUUc86vc= =LrsS -----END PGP SIGNATURE----- ------------------------------------------------------- This SF.Net email is sponsored by: SourceForge.net Broadband Sign-up now for SourceForge Broadband and get the fastest 6.0/768 connection for only $19.95/mo for the first 3 months! http://ads.osdn.com/?ad_id=2562&alloc_id=6184&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Oinkmaster v1.0 released. Andreas Östling (May 15)