Project

General

Profile

Actions

Feature #256

closed

rule keyword 'fwsam'

Added by Peter Manev about 14 years ago. Updated over 13 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Target version:
-
Effort:
Difficulty:
Label:

Description

unknown rule keyword 'fwsam'
Exmple:

[9838] 20/12/2010 -- 11:50:14 - (detect-parse.c:655) <Error> (SigParseOptions) -- [ERRCODE: SC_ERR_RULE_KEYWORD_UNKNOWN(100)] - unknown rule keyword 'fwsam'.

[9838] 20/12/2010 -- 11:50:14 - (detect.c:526) <Error> (DetectLoadSigFile) -- [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - Error parsing signature "alert tcp [93.185.109.191,93.19.6.176,93.2.186.8,93.219.162.144,93.232.50.174,93.25.117.12,93.25.122.200,93.26.14.101,93.27.114.68,93.29.105.52] any -> $HOME_NET any (msg:"ET TOR Known Tor Exit Node TCP Traffic - BLOCKING (82)"; flags:S; reference:url,doc.emergingthreats.net/bin/view/Main/TorRules; threshold: type limit, track by_src, seconds 60, count 1; classtype:misc-attack; sid:2525162; rev:701; fwsam: src, 24 hours;)" from file /etc/suricata/rules/emerging-tor-BLOCK.rules at line 208

Actions #1

Updated by Victor Julien about 14 years ago

  • Target version set to TBD

This would require us / someone to implement functionality similar to Snortsam.

Actions #2

Updated by Victor Julien over 13 years ago

  • Assignee set to Anonymous
  • Target version deleted (TBD)
Actions #3

Updated by Victor Julien over 13 years ago

  • Status changed from New to Rejected

Now that barnyard2 1.10 beta 1 is adding support for Snortsam, there is no need for adding this support to our engine.

Actions

Also available in: Atom PDF