Snort++: enum "RuleOptType"

[Sancho Panza <sancho () posteo de>]

Hello

I have noticed that IPS options register themselves with Snort by 
providing their RuleOptType, either of

OPT_TYPE_LOGGING,
OPT_TYPE_DETECTION,
OPT_TYPE_META

I was trying to find out what are the exact implications of registering 
one type or the other. The only place in the source that I was able to 
find is in IpsManager::option_end ( ips_manager.cc), where it only makes 
a difference if you provide OPT_TYPE_META or any other:

if ( ! ips )
     return (ruleOptType == OPT_TYPE_META);

In parse_rule_opt_end (parse_rule.cc) it also only makes a difference if 
you provide OPT_TYPE_META.

So it looks to me like it really makes no difference at all to use 
OPT_TYPE_LOGGING or OPT_TYPE_DETECTION, is that right?

Why is a distinction made between these two? Am I missing something?

Thanks

Sancho

------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!