[Snort-announce] Oinkmaster v0.9 released.
Andreas Östling
Hash: SHA1
Hello,
Oinkmaster v0.9 has been released.
Download:
http://prdownloads.sourceforge.net/oinkmaster/oinkmaster-0.9.tar.gz?download
MD5: 8ed30c07f2ef5c977e1201a014bf9c5c
PGP signature:
http://oinkmaster.sourceforge.net/oinkmaster-0.9.tar.gz.asc
Please note that the Oinkmaster homepage has moved to
http://oinkmaster.sourceforge.net/
=46or those who don't know, Oinkmaster is a simple tool to update/manage
Snort signatures.
Changes from v0.8:
o It's much faster now.
o Added ability to use "include <file>" in oinkmaster configuration
files. <file> will be parsed (just like a regular oinkmaster.conf) as
soon as the include statement is seen, and then return and continue
parsing the rest of the original file. If an option is re-defined, it
will override the previous value. You can use as many 'include'
statements as you wish, and also include even more files from included
files.
o Also permit an arbitrary number of "-C" arguments to be specified on
command line to load multiple config files. They will be loaded in the
order of appearance.
o Permit https://... in url specification. Only useful if your wget is
SSL-enabled and you download from an SSL-enabled site.
o Permit scp://<user>@<remotehost>:<file.tar.gz> in url specification.
The rules archive will be copied from remotehost using scp (only tested
with OpenSSH). You can specify a private key with scp_key =3D ... in
oinkmaster.conf (or set it in ~/.ssh/config).
o You can now specify "-i" for interactive mode. You will be asked to
approve the changes before Oinkmaster modifies anything.
o Added 'enablesid' option to oinkmaster.conf.
o Slightly improved rules parsing (order of sid and msg does not matter).
o oinkmaster.conf will be searched for in /etc/ and /usr/local/etc/ by=20
default.
o Make contrib/create-sidmap.pl and contrib/addsid.pl take an arbtitrary
number of directories as argument.
o Added a FAQ.
o wget is now always run in verbose mode, although the output is not displa=
yed
unless you run Oinkmaster in verbose mode as well, or if an error occurs
(i.e. no more need to re-run in verbose mode just to get decent error
messages).
o deleted.rules is now ignored (with a "skipfile delete.rules") in the
default oinkmaster.conf.
o You can now specify a wildcard ('*') to the modifysid keyword, like
modifysid * "foo" | "bar", to apply the substitution expression to all
matching rules. This enables you to do stuff like convert all rules of a
certain classtype to 'drop' rules, or replace all 'flow' keywords with
"flags: A+;", and so on. See oinkmaster.conf for examples.
o Include seconds in filename of backup tarball.
o Many other minor improvements.
/Andreas
=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (OpenBSD)
iD8DBQE/zOsiytHlY5LIf/YRAoO6AKCBIKEqFHJ6zGfPce2kbFeSZPmmQQCffvHk
fgyVFecCPkEaZQzBuwOAnaY=3D
=3DdeTo
=2D----END PGP SIGNATURE-----
-------------------------------------------------------
This SF.net email is sponsored by OSDN's Audience Survey.
Help shape OSDN's sites and tell us what you think. Take this
five minute survey and you could win a $250 Gift Certificate.
http://www.wrgsurveys.com/2003/osdntech03.php?site=8
_______________________________________________
Snort-announce mailing list
Snort-a...@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-announce