Re: dynamic (so) rules

[chris ryan <chris.ryan () gmx de>]

Nerijus Krukauskas wrote:
> > On 01/07/2008, chris ryan <chris.ryan () gmx de> wrote:
> > Just for curiosity, can anybody explain that to me?

> Take a look at the article by Richard Bejtlich:
Thanks for that link. It answers my second qestion:
"Don't be confused by the line "0 Dynamic rules." Dynamic in this case
refers to Dynamic/Activate rules, which are being phased out in favor
of a combination of tagging and flowbits."

> And then suit yourself with some drinks as so_rules were already
> discussed in [snort-users]. Cheers! ;)
Hmmm....beer. But - not yet. I still am curios about the rule count
before and after the compilation. I hope i'm not annoying.

The rules in the tarball are about 75, after compiling and stub'ing 'em,
there are only 22 left. I just wanted to know on what exactly that
resulting number depends (platform-, systemspecific?). The precompiled
librariers are crashing, so switching to them and all the 75 rules is no
option.


Thanks in advance, Chris.




-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users