Code Review / clover.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: cd091d6) | patch
Extended snort rule add to allow content field 37/55837/1
authorEddie Arrage <eddie.arrage@huawei.com>
Mon, 16 Apr 2018 19:00:34 +0000 (19:00 +0000)
committerEddie Arrage <eddie.arrage@huawei.com>
Mon, 16 Apr 2018 19:09:06 +0000 (19:09 +0000)
commit1d076ac8e0d25e01cee3a7913f459625f8c46664
tree6925f690fef55b53b5af2a0273b0fe4f4bf51ed8tree | snapshot
parentcd091d69bf68d3428908d58832ed35bade71e6c0commit | diff
Extended snort rule add to allow content field

- Exposed the 'content' field in the GRPC server AddRules method
- Allows the 'MALWARE-CNC User-Agent ASafaWeb Scan' signature
in the community rules to be copied to local rules
- Above ensures more deterministic alerts by snort each time
the signature is hit
- Added here to support the SDC configuration guide, which details
how to add this scan rule via GRPC client script

Change-Id: I6945c1e500075444134543bb9eb6003a03f1d5cc
Signed-off-by: Eddie Arrage <eddie.arrage@huawei.com>
samples/services/snort_ids/docker/grpc/snort.proto diff | blob | history
samples/services/snort_ids/docker/grpc/snort_client.py diff | blob | history
samples/services/snort_ids/docker/grpc/snort_pb2.py diff | blob | history
samples/services/snort_ids/docker/grpc/snort_server.py diff | blob | history