Re: Versioned rulesets and release schedule

["Joel Esler \(jesler\) via Snort-devel" <snort-devel () lists snort org>]

The way we handle this with other rule updaters is:

Check the md5 of the file to be downloaded first.  If the md5 is different from the md5 of the file you already have, 
then update the file.  This method seems to be very efficient.



On Aug 20, 2018, at 1:29 PM, mike <mike () flyn org<mailto:mike () flyn org>> wrote:

First, does the Snort team provide a versioned tarball of the
community rules available at:
https://www.snort.org/downloads/community/snort3-community-rules.tar.gz
?
The trouble with the unversioned tarball is that it seems to change
over time.

[...]

Versioned, as in... what?

Something like snort3-community-rules-X.Y.Z.tar.gz. The point I am trying to make from a distribution packager point of 
view is that the URL should always point to the same object with the same hash. Changing the object referenced by the 
URL and thus invalidating the hash unpredictably causes a build failure in a packaging system which works like 
OpenWrt's.

To put it another way, an update to snort3-community-rules-X.Y.Z.tar.gz could exist as 
snort3-community-rules-X.Y.(Z+1).tar.gz. This would leave the URL pointing to snort3-community-rules-X.Y.Z.tar.gz 
intact. Thus an OpenWrt package would continue to build using X.Y.Z up to the point the packager updates the OpenWrt 
package to instead make use of X.Y.(Z+1).

--
Mike
:wq

_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!