-pass http any !$HTTP_PORTS -> $HOME_NET any (msg:"LOCAL No alerts for HTTP gzip decompression failed"; flowbits:noalert; flow:established; app-layer-event:http.gzip_decompression_failed; sid:998877010; rev:1;)
-pass tls $HOME_NET $TOR_RELAY_PORT -> $EXTERNAL_NET any (msg:"LOCAL No alerts for outgoing TLS traffic on tor port"; flowbits:noalert; flow:established; sid:998877011; rev:1;)
-pass tls $EXTERNAL_NET any -> $HOME_NET $TOR_RELAY_PORT (msg:"LOCAL No alerts for incomming TLS traffic on tor port"; flowbits:noalert; flow:established; sid:998877012; rev:1;)
-pass ip $EXTERNAL_NET any -> $HOME_NET $TOR_SOCKS_PORT (msg:"LOCAL No alerts for first Data in wrong direction"; flowbits:noalert; flow:established; app-layer-event:applayer_wrong_direction_first_data; sid:998877013; rev:1;)
+pass http any !$HTTP_PORTS -> $HOME_NET any (msg:"LOCAL No alerts for HTTP gzip decompression failed"; flowbits:noalert; flow:established; app-layer-event:http.gzip_decompression_failed; sid:1200000; rev:1;)
+pass tls $HOME_NET $TOR_RELAY_PORT -> $EXTERNAL_NET any (msg:"LOCAL No alerts for outgoing TLS traffic on tor port"; flowbits:noalert; flow:established; sid:1200001; rev:1;)
+pass tls $EXTERNAL_NET any -> $HOME_NET $TOR_RELAY_PORT (msg:"LOCAL No alerts for incomming TLS traffic on tor port"; flowbits:noalert; flow:established; sid:1200002; rev:1;)
+pass ip $EXTERNAL_NET any -> $HOME_NET $TOR_SOCKS_PORT (msg:"LOCAL No alerts for first Data in wrong direction"; flowbits:noalert; flow:established; app-layer-event:applayer_wrong_direction_first_data; sid:1000003; rev:1;)
projects / people / stevee / ipfire-2.x.git / commitdiff
