Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Mapping rules to policies

From: wkitty42 () windstream net
Date: Thu, 28 Sep 2017 12:28:46 -0400
On 09/28/2017 10:19 AM, Joseph Roscioli via Snort-users wrote:
"There are five states that we place rules in when we create them, four of the states are assigned to policies. - Connectivity over Security (Connectivity) - Either in “alert” or “drop” - Balanced (Balanced) - Either in “alert” or “drop” - Security over Connectivity (Security) - Either in “alert” or “drop”"
My question is : How do I know which policy a given rule is in? The FAQ answer contains "when you aren’t using the policies". 
I did not see any mention of policies in the User Manual.
look at the rules and you'll see a "meta" keyword... it will list the policies a rule is assigned to... not all rules will carry this information, though... 


--
 NOTE: No off-list assistance is given without prior approval.
       *Please keep mailing list traffic on the list unless*
       *a signed and pre-paid contract is in effect with us.*
_______________________________________________
Snort-users mailing list
Snort-users () lists snort org
Go to this URL to change user options or unsubscribe:
https://lists.snort.org/mailman/listinfo/snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: