Snort mailing list archives
Logging single alert per packet
From: Beenish Raza <beenish.raza () hotmail com>
Date: Wed, 21 May 2014 14:21:14 +0500
I want to know the command in snort which allows that snort stop scanning a packet after the 1st match is found. In other words, I have to avoid further scanning a packet once a packet is matched against a rule (no need to report the longest match).
------------------------------------------------------------------------------ "Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE Instantly run your Selenium tests across 300+ browser/OS combos. Get unparalleled scalability from the best Selenium testing platform available Simple to use. Nothing to install. Get started now for free." http://p.sf.net/sfu/SauceLabs
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Logging single alert per packet Beenish Raza (May 21)
- Re: Logging single alert per packet Bhagya Bantwal (bbantwal) (May 21)