Snort::Rule

Snort::Rule is a Perl extension for dynamically building snort rules.

Snort::Rule Ranking & Summary

  • License: Perl Artistic License
  • Price: FREE
  • Publisher Name: Wes Young
  • Publisher web site: http://search.cpan.org/~saxjazman/Snort-Rule-1.03/lib/Snort/Rule.pm

Snort::Rule Description

Snort::Rule is a Perl extension for dynamically building snort rules.

SYNOPSIS

    use Snort::Rule;

    # Build a rule field by field
    $rule = Snort::Rule->new(
        -action => 'alert',
        -proto  => 'tcp',
        -src    => 'any',
        -sport  => 'any',
        -dir    => '->',
        -dst    => '192.188.1.1',
        -dport  => '44444',
    );

    $rule->opts('msg','Test Rule');
    $rule->opts('threshold','type limit,track by_src,count 1,seconds 3600');
    $rule->opts('sid','500000');

    print $rule->string()."\n";

    # OR parse an existing rule string into an object
    $rule = 'alert tcp $SMTP_SERVERS any -> $EXTERNAL_NET 25 (msg:"BLEEDING-EDGE POLICY SMTP US Top Secret PROPIN"; flow:to_server,established; content:"Subject|3A|"; pcre:"/(TOP\sSECRET|TS)//*PROPIN*(?=//(25)?X)/ism"; classtype:policy-violation; sid:2002448; rev:1;)';

    $rule = Snort::Rule->new(-parse => $rule);
    print $rule->string()."\n";

This is a very simple snort rule object. It was developed to allow for scripted dynamic rule creation. Ideally you could dynamically take a list of bad hosts and build an array of snort rule objects from that list, then write that array to a snort rules file using the string() method.

Requirements:

  • Perl
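The bad-host workflow described above, as an added example (not code from the module or its author). It uses only the new(), opts() and string() calls shown in the synopsis and assumes Snort::Rule is installed; the feed contents, the is_ipv4 and build_rules helpers, the $HOME_NET source, the sid base and the badhosts.rules path are hypothetical.

```perl
use strict;
use warnings;
use Snort::Rule;

# Constructed sample feed: one candidate host per entry, including a duplicate
# and two malformed entries that must never end up inside a rule.
my @feed = (
    '203.0.113.10',
    '198.51.100.7',
    '203.0.113.10',             # duplicate
    '999.1.1.1',                # octet out of range
    'any (msg:"x"; sid:1;)',    # rule text smuggled into the host field
);

# Accept only a dotted-quad IPv4 address with every octet in 0..255.
sub is_ipv4 {
    my ($host) = @_;
    my @octets = $host =~ /\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\z/
        or return 0;
    return (grep { $_ > 255 } @octets) ? 0 : 1;
}

# Build one rule object per unique, validated host. Validation runs before the
# host is placed in -dst or msg, so feed text cannot add rule options.
sub build_rules {
    my ($base_sid, @hosts) = @_;
    my (%seen, @rules);
    for my $host (@hosts) {
        next unless is_ipv4($host);
        next if $seen{$host}++;
        my $rule = Snort::Rule->new(
            -action => 'alert',     -proto => 'ip',
            -src    => '$HOME_NET', -sport => 'any',
            -dir    => '->',
            -dst    => $host,       -dport => 'any',
        );
        $rule->opts('msg', "Traffic to listed bad host $host");
        $rule->opts('threshold', 'type limit,track by_src,count 1,seconds 3600');
        $rule->opts('sid', $base_sid + @rules);   # unique sid per rule
        push @rules, $rule;
    }
    return @rules;
}

my @rules = build_rules(1000001, @feed);   # hypothetical local sid range
my $out   = 'badhosts.rules';              # hypothetical output path
open my $fh, '>', $out or die "cannot write $out: $!";
print {$fh} $_->string(), "\n" for @rules;
close $fh or die "close failed for $out: $!";
printf "wrote %d rules to %s\n", scalar @rules, $out;
```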

