|
Unix VPS
Support
FAQ
Network
Miscellaneous
|
| Parse::Snort::Strict(3) | User Contributed Perl Documentation | Parse::Snort::Strict(3) |
NAME
Parse::Snort::Strict - Parse Snort rules with validation of the rules
DESCRIPTION
Parse Snort rules with validation regarding rule action, protocol and direction. Look at Parse::Snort for more usage detail, as this is a subclass of it.
SYNOPSIS
use Parse::Snort::Strict;
use Try::Tiny;
my $rule = Parse::Snort::Strict->new();
try {
$rule->parse($text);
}
catch {
warn "Unable to parse rule: $_";
};
METHODS
action
You can only have the following actions
- alert
- generate an alert using the selected alert method, and then
- log
- log the packet
- pass
- ignore the packet
- activate
- alert and then turn on another dynamic rule
- dynamic
- remain idle until activated by an activate rule , then act as a log rule
- drop
- block and log the packet
- reject
- block the packet, log it, and then send a TCP reset if the protocol is TCP or an ICMP port unreachable message if the protocol is UDP.
- sdrop
- block the packet but do not log it.
proto
You can only have the following protocols:
direction
You can Only have the following directions
- "->"
- "<>"
- "<-"
| 2018-05-14 | perl v5.40.2 |
Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.