mateodx / pulledpork

Automatically exported from code.google.com/p/pulledpork
GNU General Public License v2.0

Patch for /trunk/doc/README.CATEGORIES #168

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
Appended a solution to get a list of all categories when they are changed or new.
Removed and wrote the current list of categories.

Replaced "-=" and "=-" which caused all rules to be disabled, and changed to "##".

Original issue reported on code.google.com by jason.c....@gmail.com on 12 Feb 2015 at 11:41

GoogleCodeExporter commented 8 years ago
Forgot to add uniq to sorting the rules categories:
lz /var/tmp/*.gz | egrep '\.rules' | cut -d'/' -f3 | sort -u > rules.`date +%F`

Original comment by jcroc...@uic.edu on 8 May 2015 at 3:51

GoogleCodeExporter commented 8 years ago
lz /var/tmp/*.gz | egrep '\.rules' | cut -d'/' -f3 | sort -u | cut -d'.' -f1 > rules.`date +%F`

Reading directory of  "/var/tmp/community-rules.tar.gz".

Reading directory of  "/var/tmp/emerging.rules.tar.gz".

Reading directory of  "/var/tmp/snortrules-snapshot-2972.tar.gz".
app-detect
attack-responses
backdoor
bad-traffic
blacklist

Original comment by jcroc...@uic.edu on 15 May 2015 at 8:41

GoogleCodeExporter commented 8 years ago
CORRECTED: lz /var/tmp/*.gz | egrep '\.rules' | cut -d'/' -f3 | sort -u | perl -lne '/(.*).rules/ && print $1' > rules.`date +%F`

Original comment by jcroc...@uic.edu on 30 Jun 2015 at 4:07