yookd / pulledpork

Automatically exported from code.google.com/p/pulledpork
GNU General Public License v2.0
0 stars 0 forks source link

feature request - VRT Edge Rulepack with PP #150

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
Hi everyone

thank for your PP :-)

I am using pulledpork with VRT edge rulepack, follow a description from 
Sourcefire (hxxp://www.snort.org/snort-rules/cli (bottom) ):

Edge Rulepack
You can now stay on the cutting edge of rulepacks by setting <filename>, in any 
of the above recipes, equal to snortrules-snapshot-edge.tar.gz
This will pull down the latest versioned rulepack that you are privileged to 
have! e.g. if 2912, 2930 and 2931 are available, it will access 2931.

This rulepack is named snortrules-snapshot-edge.tar.gz

To use that I simple modify PP (svn version):

$ diff /usr/local/bin/pulledpork.pl src/pulledpork-read-only/pulledpork.pl

1813c1813
<                 unless ( $rule_file =~ /snortrules-snapshot-\w+\.tar\.gz/

---
>                 unless ( $rule_file =~ /snortrules-snapshot-\d{4}\.tar\.gz/
1822c1822
<                     $rule_file = "snortrules-snapshot-$Snortv.tar.gz" unless 
$rule_file =~ /snortrules-snapshot-edge\.tar\.gz/;

---
>                     $rule_file = "snortrules-snapshot-$Snortv.tar.gz";

Perl isn't my favorite script language ;-), sorry
Is it possible include this in a next release?

Thank you in advance

See you

Simone

Original issue reported on code.google.com by pascal.c...@gmail.com on 31 Jan 2014 at 11:31