]>
Commit | Line | Data |
---|---|---|
5e891296 | 1 | package IDS::Ruleset; |
1d9b8791 | 2 | |
5e891296 SS |
3 | # This file contains the supported ruleset providers. |
4 | # | |
5 | # Each one is defined as a hash in the main hash. | |
6 | # It's name acts as handle/key and the key/value pair acts as data part. | |
7 | # So the structure is like the following: | |
8 | # | |
9 | # handle => { | |
10 | # summary => A short summary of the service. This also will be shown if no translation string is available for the WUI. | |
11 | # website => The website of the ruleset provider. | |
12 | # tr_string => The translation string which is used by the WUI and part of the language files. | |
13 | # requires_subscription => "True/False" - If some kind of registration code is required in order to download the ruleset. | |
14 | # dl_url => The download URL to grab the ruleset. | |
15 | # dl_type => "archive/file" - To specify, if the downloaded file is a packed archive or a plain text file. | |
16 | # }, | |
1d9b8791 | 17 | |
5e891296 SS |
18 | # Hash which contains the supported ruleset providers. |
19 | our %Providers = ( | |
20 | # Ruleset for registered sourcefire users. | |
21 | registered => { | |
22 | summary => "Talos VRT rules for registered users", | |
23 | website => "https://www.snort.org", | |
24 | tr_string => "registered user rules", | |
25 | requires_subscription => "True", | |
923a6441 | 26 | dl_url => "https://www.snort.org/rules/snortrules-snapshot-29161.tar.gz?oinkcode=<subscription_code>", |
5e891296 SS |
27 | dl_type => "archive", |
28 | }, | |
1d9b8791 | 29 | |
5e891296 SS |
30 | # Ruleset for registered sourcefire users with a valid subsription. |
31 | subscripted => { | |
32 | summary => "Talos VRT rules with subscription", | |
33 | website => "https://www.snort.org", | |
34 | tr_string => "subscripted user rules", | |
35 | requires_subscription => "True", | |
923a6441 | 36 | dl_url => "https://www.snort.org/rules/snortrules-snapshot-29161.tar.gz?oinkcode=<subscription_code>", |
5e891296 SS |
37 | dl_type => "archive", |
38 | }, | |
4fbd88bf | 39 | |
5e891296 SS |
40 | # Community rules from sourcefire. |
41 | community => { | |
42 | summary => "Snort/VRT GPLv2 Community Rules", | |
43 | website => "https://www.snort.ort", | |
44 | tr_string => "community rules", | |
45 | requires_subscription => "False", | |
46 | dl_url => "https://www.snort.org/rules/community", | |
47 | dl_type => "archive", | |
48 | }, | |
4fbd88bf | 49 | |
5e891296 SS |
50 | # Emerging threads community rules. |
51 | emerging => { | |
52 | summary => "Emergingthreats.net Community Rules", | |
a49a30d1 | 53 | website => "https://emergingthreats.net/", |
5e891296 SS |
54 | tr_string => "emerging rules", |
55 | requires_subscription => "False", | |
56 | dl_url => "https://rules.emergingthreats.net/open/suricata-5.0/emerging.rules.tar.gz", | |
57 | dl_type => "archive", | |
58 | }, | |
59 | ||
60 | # Emerging threads Pro rules. | |
61 | emerging_pro => { | |
62 | summary => "Emergingthreats.net Pro Rules", | |
a49a30d1 | 63 | website => "https://emergingthreats.net/", |
5e891296 SS |
64 | tr_string => "emerging pro rules", |
65 | requires_subscription => "True", | |
923a6441 | 66 | dl_url => "https://rules.emergingthreatspro.com/<subscription_code>/suricata-5.0/etpro.rules.tar.gz", |
5e891296 SS |
67 | dl_type => "archive", |
68 | }, | |
69 | ); |