Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Newer
Older
100644 427 lines (360 sloc) 20.738 kB
5d1d646 @mrash added ChangeLog.git file
authored
1 commit 8033d5d239dd544eaf927f1ea13c855c7ef054b6 (HEAD, refs/heads/fwsnort-1.6.2)
2 Author: Michael Rash <mbr@cipherdyne.org>
3 Date: Sat Apr 28 20:45:23 2012 -0400
4
5 bumped version to 1.6.2
6
7 VERSION | 2 +-
8 fwsnort | 4 ++--
9 2 files changed, 3 insertions(+), 3 deletions(-)
10
11 commit 59e2ff7b2567126827bdb8136b2e242d32d16ede (refs/heads/master)
12 Author: Michael Rash <mbr@cipherdyne.org>
13 Date: Sat Apr 28 14:27:02 2012 -0400
14
15 removed ShortLog in favor of ChangeLog + ChangeLog.git
16
17 ShortLog | 727 --------------------------------------------------------------
18 1 files changed, 0 insertions(+), 727 deletions(-)
19
20 commit 562e3acb0afbef722bdfa12ec69cea3d09b1881e (refs/remotes/origin/master)
21 Author: Michael Rash <mbr@cipherdyne.org>
22 Date: Sat Apr 28 14:23:56 2012 -0400
23
24 Added --icmp-type 'any' (with capabilities test)
25
26 Bug fix for recent versions of iptables (such as 1.4.12) where the icmp
27 match requires --icmp-type to be set - some Snort rules look for a string
28 to match in icmp traffic, but don't also specify an icmp type.
29
30 ChangeLog | 4 +++
31 fwsnort | 70 +++++++++++++++++++++++++++++++++++++++++++++---------------
32 2 files changed, 56 insertions(+), 18 deletions(-)
33
34 commit 619d7820e7546e247b9232a3b527cb86009315f2
35 Author: Michael Rash <mbr@cipherdyne.org>
36 Date: Sat Apr 28 11:44:27 2012 -0400
37
38 bug fix psadlibdir -> fwsnortlibdir
39
40 packaging/fwsnort-require-makemaker.spec | 136 +++++++++++++++---------------
41 packaging/fwsnort.spec | 136 +++++++++++++++---------------
42 2 files changed, 136 insertions(+), 136 deletions(-)
43
44 commit dbfc72ff06809e39bc2dff5b52323d8103625330
45 Author: Michael Rash <mbr@cipherdyne.org>
46 Date: Sat Apr 28 11:43:58 2012 -0400
47
48 bug fix for 'qw() used as parenthesis' warnings under perl > 5.14
49
50 fwsnort | 34 +++++++++++++++++-----------------
51 1 files changed, 17 insertions(+), 17 deletions(-)
52
53 commit 9b31c8bef1e24d114857e38dcf62c22861f6487b
54 Author: Michael Rash <mbr@cipherdyne.org>
55 Date: Sat Apr 28 10:18:16 2012 -0400
56
57 added ChangeLog info for the 1.6.1 and 1.6.2 releases
58
59 ChangeLog | 82 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
60 1 files changed, 81 insertions(+), 1 deletions(-)
61
62 commit f65256d026d532ef5e7f862ef1273520b3cd173e
63 Author: Michael Rash <mbr@cipherdyne.org>
64 Date: Sat Apr 28 10:17:48 2012 -0400
65
66 updated RPM spec file version to 1.6.2
67
68 packaging/fwsnort-nodeps.spec | 4 ++--
69 packaging/fwsnort-require-makemaker.spec | 4 ++--
70 packaging/fwsnort.spec | 4 ++--
71 3 files changed, 6 insertions(+), 6 deletions(-)
72
73 commit ac12a3d634874f480c8e6e4cebd3aed7fcf8bca2
74 Author: Michael Rash <mbr@cipherdyne.org>
75 Date: Sat Apr 28 10:17:05 2012 -0400
76
77 updated to the latest Snort rules from Emerging Threats
78
79 deps/snort_rules/emerging-all.rules | 2852 +++++++++++++++++++++++++----------
80 1 files changed, 2032 insertions(+), 820 deletions(-)
81
82 commit eab4b7f597deda88fe01662c1ac0d44ecf8be7f0
83 Author: Michael Rash <mbr@cipherdyne.org>
84 Date: Thu Apr 19 21:30:43 2012 -0400
85
86 moved ChangeLog.old -> ChangeLog (the old style is much more readable)
87
88 ChangeLog | 7229 +++------------------------------------------------------
89 ChangeLog.old | 428 ----
90 2 files changed, 381 insertions(+), 7276 deletions(-)
91
92 commit 25c279906d353b90e294b6f6c5c36fc311c15f5f
93 Author: Michael Rash <mbr@cipherdyne.org>
94 Date: Thu Apr 19 21:30:16 2012 -0400
95
96 minor documentation fixes
97
98 fwsnort | 2 +-
99 fwsnort.8 | 14 +++++++-------
100 2 files changed, 8 insertions(+), 8 deletions(-)
101
102 commit f8c7588616510c31147da89f8674e3cc27a62d3a
103 Author: Michael Rash <mbr@cipherdyne.org>
104 Date: Thu Apr 19 21:29:58 2012 -0400
105
106 added 1.6.2 release
107
108 packaging/fwsnort-nodeps.spec | 4 ++++
109 1 files changed, 4 insertions(+), 0 deletions(-)
110
111 commit 6dca2e37a06952146b860f3c34abec34b6dcf149
112 Author: Michael Rash <mbr@cipherdyne.org>
113 Date: Thu Apr 19 21:28:50 2012 -0400
114
115 Removed the ExtUtils::MakeMaker build requirement
116
117 Although building the fwsnort RPM builds a set of perl modules which themselves
118 have the 'use ExtUtils::MakeMaker' requirement in their respective Makefile.PL
119 scripts, some Linux distributions don't seem to make it easy to install
120 ExtUtils::MakeMaker in a manner in which the local RPM install can see it.
121 And, at the same time, it usually is there since installing perl modules is
122 such a common operation. The compromise is this solution, which will allow the
123 fwsnort RPM to be built even if RPM dosen't or can't see that ExtUtils::MakeMaker
124 is installed - most likely it will build anyway. If it doesn't, there are
125 bigger problems since fwsnort is written in perl. If you want to build the fwsnort
126 RPM with a .spec file that requires ExtUtils::MakeMaker, then use the
127 "fwsnort-require-makemaker.spec" file that is bundled in the fwsnort sources.
128
129 packaging/fwsnort-nobuildreqs.spec | 172 ---------------------
130 packaging/fwsnort-require-makemaker.spec | 239 ++++++++++++++++++++++++++++++
131 packaging/fwsnort.spec | 83 +++++++++-
132 3 files changed, 313 insertions(+), 181 deletions(-)
133
134 commit 774b5841386a69d0e701b1c866bc34bc641ab395
135 Author: Michael Rash <mbr@cipherdyne.org>
136 Date: Fri Mar 2 22:58:11 2012 -0500
137
138 updated IPTables::Parse to 1.1
139
140 deps/IPTables-Parse/Changes | 26 +++-
141 deps/IPTables-Parse/MANIFEST | 1 +
142 deps/IPTables-Parse/META.json | 39 +++++
143 deps/IPTables-Parse/META.yml | 21 +++
144 deps/IPTables-Parse/README | 2 +-
145 deps/IPTables-Parse/VERSION | 2 +-
146 deps/IPTables-Parse/lib/IPTables/Parse.pm | 145 +++++++++---------
147 deps/IPTables-Parse/t/basic_tests.pl | 247 +++++++++++++++++++++++++++++
148 8 files changed, 408 insertions(+), 75 deletions(-)
149
150 commit 818483ea7541371c0f771640b6e893823c86bd5b
151 Author: Michael Rash <mbr@cipherdyne.org>
152 Date: Mon Feb 20 20:33:18 2012 -0500
153
154 updated to IPTables::Parse 0.8
155
156 deps/IPTables-Parse/Changes | 29 ++-
157 deps/IPTables-Parse/README | 4 +-
158 deps/IPTables-Parse/VERSION | 2 +-
159 deps/IPTables-Parse/lib/IPTables/Parse.pm | 450 ++++++++++++++++++++++++----
160 fwsnort | 17 +-
161 5 files changed, 425 insertions(+), 77 deletions(-)
162
163 commit e7bb9c6d0663b3ebdccfa619f42beff2c851e531
164 Author: Michael Rash <mbr@cipherdyne.org>
165 Date: Sun Feb 19 13:21:27 2012 -0500
166
167 bumped version to 1.6.2-pre1
168
169 fwsnort | 4 ++--
170 1 files changed, 2 insertions(+), 2 deletions(-)
171
172 commit 95a39ee4fc5563ea337d9c60178b2bec23692b5e
173 Author: Michael Rash <mbr@cipherdyne.org>
174 Date: Sat Feb 18 14:33:29 2012 -0500
175
176 converted from Net::AddrIPv4 to the excellent NetAddr::IP module
177
178 INSTALL | 2 +-
179 fwsnort | 32 ++++++++++++++++----------------
180 install.pl | 4 ++--
181 3 files changed, 19 insertions(+), 19 deletions(-)
182
183 commit 7a7e4653c3dcd56884fc88e78bedcbda691f6647
184 Author: Michael Rash <mbr@cipherdyne.org>
185 Date: Sat Feb 18 14:33:19 2012 -0500
186
187 converted from Net::AddrIPv4 to the excellent NetAddr::IP module
188
189 deps/Net-IPv4Addr/ChangeLog | 90 -
190 deps/Net-IPv4Addr/IPv4Addr.pm | 385 -
191 deps/Net-IPv4Addr/IPv4Addr.spec | 90 -
192 deps/Net-IPv4Addr/MANIFEST | 15 -
193 deps/Net-IPv4Addr/Makefile.PL | 8 -
194 deps/Net-IPv4Addr/NEWS | 28 -
195 deps/Net-IPv4Addr/README | 41 -
196 deps/Net-IPv4Addr/VERSION | 1 -
197 deps/Net-IPv4Addr/debian/changelog | 37 -
198 deps/Net-IPv4Addr/debian/control | 12 -
199 deps/Net-IPv4Addr/debian/copyright | 14 -
200 deps/Net-IPv4Addr/debian/dirs | 4 -
201 deps/Net-IPv4Addr/debian/docs | 4 -
202 deps/Net-IPv4Addr/debian/rules | 85 -
203 deps/Net-IPv4Addr/ipv4calc | 89 -
204 deps/Net-IPv4Addr/test.pl | 68 -
205 deps/NetAddr-IP/Artistic | 131 +
206 deps/NetAddr-IP/Changes | 464 ++
207 deps/NetAddr-IP/Copying | 339 +
208 deps/NetAddr-IP/IP.pm | 1572 ++++
209 deps/NetAddr-IP/Lite/Changes | 373 +
210 deps/NetAddr-IP/Lite/Lite.pm | 1583 ++++
211 deps/NetAddr-IP/Lite/MANIFEST | 126 +
212 deps/NetAddr-IP/Lite/MANIFEST.SKIP | 31 +
213 deps/NetAddr-IP/Lite/META.yml | 10 +
214 deps/NetAddr-IP/Lite/Makefile.PL | 42 +
215 deps/NetAddr-IP/Lite/README | 510 ++
216 deps/NetAddr-IP/Lite/Util/Changes | 255 +
217 deps/NetAddr-IP/Lite/Util/MANIFEST | 53 +
218 deps/NetAddr-IP/Lite/Util/MANIFEST.SKIP | 31 +
219 deps/NetAddr-IP/Lite/Util/Makefile.PL | 235 +
220 deps/NetAddr-IP/Lite/Util/README | 605 ++
221 deps/NetAddr-IP/Lite/Util/Util.pm | 968 +++
222 deps/NetAddr-IP/Lite/Util/Util.xs | 801 ++
223 deps/NetAddr-IP/Lite/Util/config.h.in | 127 +
224 deps/NetAddr-IP/Lite/Util/configure | 7799 ++++++++++++++++++++
225 deps/NetAddr-IP/Lite/Util/configure.ac | 54 +
226 .../Lite/Util/lib/NetAddr/IP/InetBase.pm | 791 ++
227 deps/NetAddr-IP/Lite/Util/lib/NetAddr/IP/UtilPP.pm | 722 ++
228 deps/NetAddr-IP/Lite/Util/localconf.h | 80 +
229 deps/NetAddr-IP/Lite/Util/t/4to6.t | 69 +
230 deps/NetAddr-IP/Lite/Util/t/add128.t | 92 +
231 deps/NetAddr-IP/Lite/Util/t/addconst.t | 77 +
232 deps/NetAddr-IP/Lite/Util/t/af_inet6.t | 46 +
233 deps/NetAddr-IP/Lite/Util/t/anyto6.t | 86 +
234 deps/NetAddr-IP/Lite/Util/t/badd.t | 69 +
235 deps/NetAddr-IP/Lite/Util/t/bcd2bin.t | 68 +
236 deps/NetAddr-IP/Lite/Util/t/bcdn2bin.t | 73 +
237 deps/NetAddr-IP/Lite/Util/t/bin.t | 111 +
238 deps/NetAddr-IP/Lite/Util/t/binet_n2ad.t | 49 +
239 deps/NetAddr-IP/Lite/Util/t/binet_n2dx.t | 50 +
240 deps/NetAddr-IP/Lite/Util/t/binet_ntoa.t | 66 +
241 deps/NetAddr-IP/Lite/Util/t/binet_pton.t | 96 +
242 deps/NetAddr-IP/Lite/Util/t/bipv4_inet.t | 59 +
243 deps/NetAddr-IP/Lite/Util/t/bipv6_any2n.t | 48 +
244 deps/NetAddr-IP/Lite/Util/t/bipv6func.t | 76 +
245 deps/NetAddr-IP/Lite/Util/t/bisIPv4.t | 187 +
246 deps/NetAddr-IP/Lite/Util/t/bpackzeros.t | 52 +
247 deps/NetAddr-IP/Lite/Util/t/comp128.t | 48 +
248 deps/NetAddr-IP/Lite/Util/t/croak.t | 168 +
249 deps/NetAddr-IP/Lite/Util/t/hasbits.t | 147 +
250 deps/NetAddr-IP/Lite/Util/t/inet_4map6.t | 70 +
251 deps/NetAddr-IP/Lite/Util/t/inet_n2ad.t | 48 +
252 deps/NetAddr-IP/Lite/Util/t/inet_n2dx.t | 50 +
253 deps/NetAddr-IP/Lite/Util/t/inet_pton.t | 96 +
254 deps/NetAddr-IP/Lite/Util/t/ipv4_inet.t | 59 +
255 deps/NetAddr-IP/Lite/Util/t/ipv6_any2n.t | 47 +
256 deps/NetAddr-IP/Lite/Util/t/ipv6_ntoa.t | 66 +
257 deps/NetAddr-IP/Lite/Util/t/ipv6func.t | 75 +
258 deps/NetAddr-IP/Lite/Util/t/ipv6to4.t | 55 +
259 deps/NetAddr-IP/Lite/Util/t/isIPv4.t | 186 +
260 deps/NetAddr-IP/Lite/Util/t/leftshift.t | 58 +
261 deps/NetAddr-IP/Lite/Util/t/mode.t | 26 +
262 deps/NetAddr-IP/Lite/Util/t/naip_gethostbyname.t | 59 +
263 .../Lite/Util/t/no6_naip_gethostbyname.t | 58 +
264 deps/NetAddr-IP/Lite/Util/t/notcontiguous.t | 72 +
265 deps/NetAddr-IP/Lite/Util/t/packzeros.t | 53 +
266 deps/NetAddr-IP/Lite/Util/t/simple_pack.t | 51 +
267 deps/NetAddr-IP/Lite/Util/t/sub128.t | 68 +
268 .../Lite/Util/tlib/NetAddr/IP/Util_IS.pm | 51 +
269 deps/NetAddr-IP/Lite/Util/typemap | 28 +
270 deps/NetAddr-IP/Lite/bug2742981 | 96 +
271 deps/NetAddr-IP/Lite/t/addr.t | 36 +
272 deps/NetAddr-IP/Lite/t/aton.t | 33 +
273 deps/NetAddr-IP/Lite/t/bigint.t | 170 +
274 deps/NetAddr-IP/Lite/t/bignums.t | 130 +
275 deps/NetAddr-IP/Lite/t/bin_ips.t | 102 +
276 deps/NetAddr-IP/Lite/t/bits.t | 37 +
277 deps/NetAddr-IP/Lite/t/broadcast.t | 37 +
278 deps/NetAddr-IP/Lite/t/bug62521.t | 28 +
279 deps/NetAddr-IP/Lite/t/cidr.t | 36 +
280 deps/NetAddr-IP/Lite/t/constants.t | 19 +
281 deps/NetAddr-IP/Lite/t/contains.t | 40 +
282 deps/NetAddr-IP/Lite/t/copy.t | 52 +
283 deps/NetAddr-IP/Lite/t/firstlast.t | 66 +
284 deps/NetAddr-IP/Lite/t/lemasklen.t | 19 +
285 deps/NetAddr-IP/Lite/t/loops.t | 51 +
286 deps/NetAddr-IP/Lite/t/lower.t | 11 +
287 deps/NetAddr-IP/Lite/t/mask.t | 44 +
288 deps/NetAddr-IP/Lite/t/masklen.t | 37 +
289 deps/NetAddr-IP/Lite/t/netaddr.t | 208 +
290 deps/NetAddr-IP/Lite/t/network.t | 44 +
291 deps/NetAddr-IP/Lite/t/new-nth.t | 44 +
292 deps/NetAddr-IP/Lite/t/new-num.t | 33 +
293 deps/NetAddr-IP/Lite/t/numeric.t | 36 +
294 deps/NetAddr-IP/Lite/t/old-nth.t | 36 +
295 deps/NetAddr-IP/Lite/t/old-num.t | 33 +
296 deps/NetAddr-IP/Lite/t/over-qq.t | 53 +
297 deps/NetAddr-IP/Lite/t/over_comp.t | 66 +
298 deps/NetAddr-IP/Lite/t/over_copy.t | 85 +
299 deps/NetAddr-IP/Lite/t/over_equal.t | 122 +
300 deps/NetAddr-IP/Lite/t/over_math.t | 64 +
301 deps/NetAddr-IP/Lite/t/overminus.t | 45 +
302 deps/NetAddr-IP/Lite/t/pathological.t | 27 +
303 deps/NetAddr-IP/Lite/t/range.t | 34 +
304 deps/NetAddr-IP/Lite/t/relops.t | 59 +
305 deps/NetAddr-IP/Lite/t/v4-aton.t | 59 +
306 deps/NetAddr-IP/Lite/t/v4-badnm.t | 42 +
307 deps/NetAddr-IP/Lite/t/v4-base.t | 19 +
308 deps/NetAddr-IP/Lite/t/v4-basem.t | 24 +
309 deps/NetAddr-IP/Lite/t/v4-cidr.t | 28 +
310 deps/NetAddr-IP/Lite/t/v4-cnew.t | 30 +
311 deps/NetAddr-IP/Lite/t/v4-contains.t | 60 +
312 deps/NetAddr-IP/Lite/t/v4-last.t | 32 +
313 deps/NetAddr-IP/Lite/t/v4-new-first.t | 30 +
314 deps/NetAddr-IP/Lite/t/v4-new.t | 67 +
315 deps/NetAddr-IP/Lite/t/v4-new_from_aton.t | 27 +
316 deps/NetAddr-IP/Lite/t/v4-no_octal.t | 50 +
317 deps/NetAddr-IP/Lite/t/v4-num.t | 36 +
318 deps/NetAddr-IP/Lite/t/v4-numeric.t | 36 +
319 deps/NetAddr-IP/Lite/t/v4-old-first.t | 30 +
320 deps/NetAddr-IP/Lite/t/v4-range.t | 48 +
321 deps/NetAddr-IP/Lite/t/v4-snew.t | 29 +
322 deps/NetAddr-IP/Lite/t/v4-wnew.t | 23 +
323 deps/NetAddr-IP/Lite/t/v4_new_cis.t | 68 +
324 deps/NetAddr-IP/Lite/t/v6-cnew.t | 27 +
325 deps/NetAddr-IP/Lite/t/v6-contains.t | 51 +
326 deps/NetAddr-IP/Lite/t/v6-inc.t | 38 +
327 deps/NetAddr-IP/Lite/t/v6-new-base.t | 70 +
328 deps/NetAddr-IP/Lite/t/v6-new_cis6_base.t | 69 +
329 deps/NetAddr-IP/Lite/t/v6-new_cis_base.t | 69 +
330 deps/NetAddr-IP/Lite/t/v6-num.t | 53 +
331 deps/NetAddr-IP/Lite/t/v6-numeric.t | 91 +
332 deps/NetAddr-IP/Lite/t/v6-old-base.t | 70 +
333 deps/NetAddr-IP/Lite/t/version.t | 29 +
334 deps/NetAddr-IP/Lite/t/within.t | 40 +
335 deps/NetAddr-IP/MANIFEST | 165 +
336 deps/NetAddr-IP/MANIFEST.SKIP | 31 +
337 deps/NetAddr-IP/META.yml | 14 +
338 deps/NetAddr-IP/Makefile.PL | 91 +
339 deps/NetAddr-IP/TODO | 5 +
340 deps/NetAddr-IP/VERSION | 1 +
341 deps/NetAddr-IP/docs/rfc1884.txt | 1023 +++
342 deps/NetAddr-IP/t/constants.t | 20 +
343 deps/NetAddr-IP/t/full.t | 25 +
344 deps/NetAddr-IP/t/full6.t | 25 +
345 deps/NetAddr-IP/t/imhoff.t | 35 +
346 deps/NetAddr-IP/t/loops.t | 33 +
347 deps/NetAddr-IP/t/lower.t | 11 +
348 deps/NetAddr-IP/t/masklen.t | 21 +
349 deps/NetAddr-IP/t/new-store.t | 40 +
350 deps/NetAddr-IP/t/old-store.t | 40 +
351 deps/NetAddr-IP/t/over-arr.t | 20 +
352 deps/NetAddr-IP/t/over-qq.t | 55 +
353 deps/NetAddr-IP/t/relops.t | 59 +
354 deps/NetAddr-IP/t/short.t | 57 +
355 deps/NetAddr-IP/t/splitref.t | 27 +
356 deps/NetAddr-IP/t/v4-coalesce.t | 54 +
357 deps/NetAddr-IP/t/v4-compact.t | 110 +
358 deps/NetAddr-IP/t/v4-compplus.t | 35 +
359 deps/NetAddr-IP/t/v4-hostenum.t | 50 +
360 deps/NetAddr-IP/t/v4-re.t | 38 +
361 deps/NetAddr-IP/t/v4-split-bulk.t | 23 +
362 deps/NetAddr-IP/t/v4-split-list.t | 54 +
363 deps/NetAddr-IP/t/v4-splitplan.t | 73 +
364 deps/NetAddr-IP/t/v4-sprefix.t | 51 +
365 deps/NetAddr-IP/t/v4-xprefix.t | 48 +
366 deps/NetAddr-IP/t/v6-re.t | 69 +
367 deps/NetAddr-IP/t/v6-split-bulk.t | 21 +
368 deps/NetAddr-IP/t/v6-splitplan.t | 72 +
369 deps/NetAddr-IP/t/wildcard.t | 37 +
370 181 files changed, 26626 insertions(+), 971 deletions(-)
371
372 commit cca8f706be83ffb440b09053cacd032865ca69dd (tag: refs/tags/fwsnort-1.6.2-pre1)
373 Author: Michael Rash <mbr@cipherdyne.org>
374 Date: Thu Feb 16 21:32:19 2012 -0500
375
376 added the proper ChangeLog back in
377
378 ChangeLog | 2184 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
379 1 files changed, 2184 insertions(+), 0 deletions(-)
380
381 commit f4715fe90d6ae875fc8570d00198c7b72a5eb413
382 Author: Michael Rash <mbr@cipherdyne.org>
383 Date: Thu Feb 16 21:24:25 2012 -0500
384
385 bumped version to 1.6.2-pre1
386
387 VERSION | 2 +-
388 1 files changed, 1 insertions(+), 1 deletions(-)
389
390 commit 724f75a13f3ec264eccb553c6c28f83706048047
391 Author: Michael Rash <mbr@cipherdyne.org>
392 Date: Thu Feb 16 21:18:44 2012 -0500
393
394 Switched --no-ipt-sync to default to not syncing with the iptables policy
395
396 By default fwsnort attempts to match translated Snort rules to the running
397 iptables policy, but this is tough to do well because iptables policies can be
398 complex. And, before fwsnort switched to the iptables-save format for
399 instantiating the policy, a large set of translated rules could take a really
400 long time to make active within the kernel. Finally, many Snort rules restrict
401 themselves to established TCP connections anyway, and if a restrictive policy
402 doesn't allow connections to get into the established state for some port let's
403 say, then there is little harm in having translated Snort rules for this port.
404 Some kernel memory would be wasted (small), but no performance would be lost
405 since packets won't be processed against these rules anyway. The end result is
406 that the default behavior is now to not sync with the local iptables policy in
407 favor of translating and instantiating as many rules as possible.
408
409 This commit also moves the fwsnort.sh script and associated files into the
410 /var/lib/fwsnort/ directory.
411
412 CREDITS | 5 ++++-
413 fwsnort | 36 ++++++++++++++++++------------------
414 fwsnort.8 | 15 +++++++++++----
415 fwsnort.conf | 13 +++++++------
416 install.pl | 2 +-
417 5 files changed, 41 insertions(+), 30 deletions(-)
418
419 commit 863f73aead5ca9111c64de98fca6a6631e40c7b5
420 Author: Michael Rash <mbr@cipherdyne.org>
421 Date: Thu Feb 16 20:36:59 2012 -0500
422
423 updated to the latest emerging threats Snort rules
424
425 deps/snort_rules/emerging-all.rules |26379 ++++++++++++++++++-----------------
426 1 files changed, 13483 insertions(+), 12896 deletions(-)
Something went wrong with that request. Please try again.