Code Review / clover.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 66cc1be) | patch
Extended snort rule add to allow content field 35/55835/1
authorEddie Arrage <eddie.arrage@huawei.com>
Mon, 16 Apr 2018 19:00:34 +0000 (19:00 +0000)
committerEddie Arrage <eddie.arrage@huawei.com>
Mon, 16 Apr 2018 19:07:37 +0000 (19:07 +0000)
commit4bd515a7cc42815514b4464c87a5d743bf92ec9f
treeaf575b361926185de1fb90e74f38527ec33134c2tree | snapshot
parent66cc1be27b7fbb27c01a726663e42608eb411672commit | diff
Extended snort rule add to allow content field

- Exposed the 'content' field in the GRPC server AddRules method
- Allows the 'MALWARE-CNC User-Agent ASafaWeb Scan' signature
in the community rules to be copied to local rules
- Above ensures more deterministic alerts by snort each time
the signature is hit
- Added here to support the SDC configuration guide, which details
how to add this scan rule via GRPC client script

Change-Id: I6945c1e500075444134543bb9eb6003a03f1d5cc
Signed-off-by: Eddie Arrage <eddie.arrage@huawei.com>
samples/services/snort_ids/docker/grpc/snort.proto diff | blob | history
samples/services/snort_ids/docker/grpc/snort_client.py diff | blob | history
samples/services/snort_ids/docker/grpc/snort_pb2.py diff | blob | history
samples/services/snort_ids/docker/grpc/snort_server.py diff | blob | history