Snort mailing list archives

Re: Compile so rules in C language

From: Mayur Patil <ram.nath241089 () gmail com>
Date: Mon, 28 Oct 2013 16:36:22 +0530

Hi Patrick sir,

       I got SO rules working. Thanks a lot.

       Now I have been hindered by a issue:

       Is there any link or reference for the alternative of *detection
filter in text rules* which I should define in shared object rules?

       I do not find any implementation of,   for ex,

*       detection_filter: track by_dst, count: 20, seconds: 2 ;*

       in data structure for C lang rules?

       These are my so_rules which are not working due to (I think) count
and seconds for packet classification.

       http://fpaste.org/49867/

       Seeking for guidance,

       Thanks !!
*
--
*
*Cheers,
Mayur*.

------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from 
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60135991&iu=/4140/ostg.clktrk

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!

Current thread:

Re: Compile so rules in C language Mayur Patil (Oct 28)