<div class="literalblock">\r
<div class="content">\r
<pre><code> ,,_ -*> Snort++ <*-\r
-o" )~ Version 3.0.0 (Build 259)\r
+o" )~ Version 3.0.0 (Build 260)\r
'''' By Martin Roesch & The Snort Team\r
http://snort.org/contact#team\r
Copyright (C) 2014-2019 Cisco and/or its affiliates. All rights reserved.\r
</li>\r
<li>\r
<p>\r
-int <strong>host_cache.size</strong>: size of host cache { 1:max32 }\r
+int <strong>host_cache.memcap</strong> = 8388608: maximum host cache size in bytes { 512:max32 }\r
</p>\r
</li>\r
</ul></div>\r
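Review bot: The swap of host_cache.size for host_cache.memcap changes the option's name, unit and lower bound with no guidance for anyone upgrading: the removed line gave no unit and a range of { 1:max32 }, the added line is explicitly bytes with a floor of 512 and a default of 8388608. A configuration that still sets host_cache.size now refers to an option this page no longer documents, and a value carried over unchanged into memcap would be read as bytes. Suggest stating the old unit and how to convert in the description or release notes, and saying what the cache does once the byte limit is reached.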
enum <strong>finalize_packet.modify.verdict</strong>: output format for stats { pass | block | replace | whitelist | blacklist | ignore | retry }\r
</p>\r
</li>\r
+<li>\r
+<p>\r
+bool <strong>finalize_packet.switch_to_wizard</strong> = false: switch to wizard on first finalize event\r
+</p>\r
+</li>\r
</ul></div>\r
<div class="paragraph"><p>Peg counts:</p></div>\r
<div class="ulist"><ul>\r
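Review bot: The description added for finalize_packet.switch_to_wizard, "switch to wizard on first finalize event", does not say what is switched to the wizard or what happens on later finalize events. Suggest naming what is handed over and the behaviour when the option stays at its default of false. While editing this list, the context line just above describes finalize_packet.modify.verdict as "output format for stats", which does not fit an enum of verdicts (pass | block | replace | ...) and reads as text copied from another option.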
string <strong>rna.custom_fingerprint_dir</strong>: directory to custom fingerprint patterns\r
</p>\r
</li>\r
+<li>\r
+<p>\r
+bool <strong>rna.enable_logger</strong> = true: enable or disable writing discovery events into logger\r
+</p>\r
+</li>\r
</ul></div>\r
<div class="paragraph"><p>Peg counts:</p></div>\r
<div class="ulist"><ul>\r
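Review bot: The rna.enable_logger description, "enable or disable writing discovery events into logger", names neither the logger nor the consequence of setting it to false. Since the default is true, a reader needs to know whether discovery events are still produced and available elsewhere when this is turned off, or are lost. For a bool, "write discovery events to the logger" is enough; "enable or disable" repeats the type.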
</ul></div>\r
</div>\r
<div class="sect2">\r
+<h3 id="_rt_global">rt_global</h3>\r
+<div class="paragraph"><p>What: The regression test global inspector is used for regression tests specific to a global inspector</p></div>\r
+<div class="paragraph"><p>Type: inspector</p></div>\r
+<div class="paragraph"><p>Usage: global</p></div>\r
+<div class="paragraph"><p>Configuration:</p></div>\r
+<div class="ulist"><ul>\r
+<li>\r
+<p>\r
+int <strong>rt_global.memcap</strong> = 2048: cap on amount of memory used\r
+</p>\r
+</li>\r
+</ul></div>\r
+<div class="paragraph"><p>Peg counts:</p></div>\r
+<div class="ulist"><ul>\r
+<li>\r
+<p>\r
+<strong>rt_global.packets</strong>: total packets (sum)\r
+</p>\r
+</li>\r
+</ul></div>\r
+</div>\r
+<div class="sect2">\r
<h3 id="_rt_packet">rt_packet</h3>\r
<div class="paragraph"><p>What: The regression test packet inspector is used when special packet handling is required for a reg test</p></div>\r
<div class="paragraph"><p>Type: inspector</p></div>\r
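Review bot: rt_global.memcap = 2048 in the new Configuration list has no unit and no range, while host_cache.memcap elsewhere in this same change states bytes and { 512:max32 }. Add both so the two memcap options read the same way. The "What:" text is also circular ("global inspector is used for regression tests specific to a global inspector"); say what the inspector exercises, as the rt_packet and rt_service entries do.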
<div class="paragraph"><p>What: The regression test service inspector is used by regression tests that require custom service inspector support.</p></div>\r
<div class="paragraph"><p>Type: inspector</p></div>\r
<div class="paragraph"><p>Usage: context</p></div>\r
-<div class="paragraph"><p>Configuration:</p></div>\r
-<div class="ulist"><ul>\r
-<li>\r
-<p>\r
-int <strong>rt_service.memcap</strong>: cap on amount of memory used\r
-</p>\r
-</li>\r
-</ul></div>\r
<div class="paragraph"><p>Peg counts:</p></div>\r
<div class="ulist"><ul>\r
<li>\r
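Review bot: The removal of rt_service.memcap, together with the whole Configuration block under rt_service, is not explained anywhere in the change, while rt_global.memcap appears in the new rt_global section with a default of 2048. If the option moved from the service inspector to the global one, say so in the rt_global entry or the release notes; if it was dropped, note that test configurations still setting rt_service.memcap need updating.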
</li>\r
<li>\r
<p>\r
+bool <strong>finalize_packet.switch_to_wizard</strong> = false: switch to wizard on first finalize event\r
+</p>\r
+</li>\r
+<li>\r
+<p>\r
string <strong>flags.~mask_flags</strong>: these flags are don’t cares\r
</p>\r
</li>\r
</li>\r
<li>\r
<p>\r
-int <strong>host_cache.size</strong>: size of host cache { 1:max32 }\r
+int <strong>host_cache.memcap</strong> = 8388608: maximum host cache size in bytes { 512:max32 }\r
</p>\r
</li>\r
<li>\r
</li>\r
<li>\r
<p>\r
+bool <strong>rna.enable_logger</strong> = true: enable or disable writing discovery events into logger\r
+</p>\r
+</li>\r
+<li>\r
+<p>\r
string <strong>rna.fingerprint_dir</strong>: directory to fingerprint patterns\r
</p>\r
</li>\r
</li>\r
<li>\r
<p>\r
-bool <strong>rt_packet.test_daq_retry</strong> = true: test daq packet retry feature\r
+int <strong>rt_global.memcap</strong> = 2048: cap on amount of memory used\r
</p>\r
</li>\r
<li>\r
<p>\r
-int <strong>rt_service.memcap</strong>: cap on amount of memory used\r
+bool <strong>rt_packet.test_daq_retry</strong> = true: test daq packet retry feature\r
</p>\r
</li>\r
<li>\r
</li>\r
<li>\r
<p>\r
+<strong>rt_global.packets</strong>: total packets (sum)\r
+</p>\r
+</li>\r
+<li>\r
+<p>\r
<strong>rt_packet.packets</strong>: total packets (sum)\r
</p>\r
</li>\r
</li>\r
<li>\r
<p>\r
+<strong>rt_global</strong> (inspector): The regression test global inspector is used for regression tests specific to a global inspector\r
+</p>\r
+</li>\r
+<li>\r
+<p>\r
<strong>rt_packet</strong> (inspector): The regression test packet inspector is used when special packet handling is required for a reg test\r
</p>\r
</li>\r
</li>\r
<li>\r
<p>\r
+<strong>inspector::rt_global</strong>: The regression test global inspector is used for regression tests specific to a global inspector\r
+</p>\r
+</li>\r
+<li>\r
+<p>\r
<strong>inspector::rt_packet</strong>: The regression test packet inspector is used when special packet handling is required for a reg test\r
</p>\r
</li>\r
<div id="footer">\r
<div id="footer-text">\r
Last updated\r
- 2019-08-21 14:26:59 EDT\r
+ 2019-08-28 09:32:47 EDT\r
</div>\r
</div>\r
</body>\r
9.32. reputation
9.33. rna
9.34. rpc_decode
- 9.35. rt_packet
- 9.36. rt_service
- 9.37. sip
- 9.38. smtp
- 9.39. ssh
- 9.40. ssl
- 9.41. stream
- 9.42. stream_file
- 9.43. stream_icmp
- 9.44. stream_ip
- 9.45. stream_tcp
- 9.46. stream_udp
- 9.47. stream_user
- 9.48. telnet
- 9.49. wizard
+ 9.35. rt_global
+ 9.36. rt_packet
+ 9.37. rt_service
+ 9.38. sip
+ 9.39. smtp
+ 9.40. ssh
+ 9.41. ssl
+ 9.42. stream
+ 9.43. stream_file
+ 9.44. stream_icmp
+ 9.45. stream_ip
+ 9.46. stream_tcp
+ 9.47. stream_udp
+ 9.48. stream_user
+ 9.49. telnet
+ 9.50. wizard
10. IPS Action Modules
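Review bot: Inserting rt_global at 9.35 renumbers every later entry in this table of contents, from rt_packet through wizard (9.49 becomes 9.50), so anything that cites these sections by number is now off by one. Suggest referring to modules by name in cross-references; the HTML heading ids shown in this change (_rt_global, _rt_packet) do not depend on the numbering.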
Snorty
,,_ -*> Snort++ <*-
-o" )~ Version 3.0.0 (Build 259)
+o" )~ Version 3.0.0 (Build 260)
'''' By Martin Roesch & The Snort Team
http://snort.org/contact#team
Copyright (C) 2014-2019 Cisco and/or its affiliates. All rights reserved.
* string host_cache.dump_file: file name to dump host cache on
shutdown; won’t dump by default
- * int host_cache.size: size of host cache { 1:max32 }
+ * int host_cache.memcap = 8388608: maximum host cache size in bytes
+ { 512:max32 }
Commands:
packet for this PDU { 0:max32 }
* enum finalize_packet.modify.verdict: output format for stats {
pass | block | replace | whitelist | blacklist | ignore | retry }
+ * bool finalize_packet.switch_to_wizard = false: switch to wizard
+ on first finalize event
Peg counts:
* string rna.fingerprint_dir: directory to fingerprint patterns
* string rna.custom_fingerprint_dir: directory to custom
fingerprint patterns
+ * bool rna.enable_logger = true: enable or disable writing
+ discovery events into logger
Peg counts:
sessions (max)
-9.35. rt_packet
+9.35. rt_global
+
+--------------
+
+What: The regression test global inspector is used for regression
+tests specific to a global inspector
+
+Type: inspector
+
+Usage: global
+
+Configuration:
+
+ * int rt_global.memcap = 2048: cap on amount of memory used
+
+Peg counts:
+
+ * rt_global.packets: total packets (sum)
+
+
+9.36. rt_packet
--------------
* rt_packet.retry_packets: total retried packets received (sum)
-9.36. rt_service
+9.37. rt_service
--------------
Usage: context
-Configuration:
-
- * int rt_service.memcap: cap on amount of memory used
-
Peg counts:
* rt_service.packets: total packets (sum)
* rt_service.search_requests: total splitter search requests (sum)
-9.37. sip
+9.38. sip
--------------
* sip.code_9xx: 9xx (sum)
-9.38. smtp
+9.39. smtp
--------------
* smtp.non_encoded_bytes: total non-encoded extracted bytes (sum)
-9.39. ssh
+9.40. ssh
--------------
(max)
-9.40. ssl
+9.41. ssl
--------------
(max)
-9.41. stream
+9.42. stream
--------------
* stream.ha_prunes: sessions pruned by high availability sync (sum)
-9.42. stream_file
+9.43. stream_file
--------------
* bool stream_file.upload = false: indicate file transfer direction
-9.43. stream_icmp
+9.44. stream_icmp
--------------
* stream_icmp.prunes: icmp session prunes (sum)
-9.44. stream_ip
+9.45. stream_ip
--------------
* stream_ip.fragmented_bytes: total fragmented bytes (sum)
-9.45. stream_tcp
+9.46. stream_tcp
--------------
* stream_tcp.partial_flush_bytes: partial flush total bytes (sum)
-9.46. stream_udp
+9.47. stream_udp
--------------
* stream_udp.ignored: udp packets ignored (sum)
-9.47. stream_user
+9.48. stream_user
--------------
0:max53 }
-9.48. telnet
+9.49. telnet
--------------
sessions (max)
-9.49. wizard
+9.50. wizard
--------------
pass | block | replace | whitelist | blacklist | ignore | retry }
* int finalize_packet.start_pdu = 0: Register to receive finalize
packet event starting on this PDU { 0:max32 }
+ * bool finalize_packet.switch_to_wizard = false: switch to wizard
+ on first finalize event
* string flags.~mask_flags: these flags are don’t cares
* string flags.~test_flags: these flags are tested
* string flowbits.~arg1: bits or group
{ 65535 }
* string host_cache.dump_file: file name to dump host cache on
shutdown; won’t dump by default
- * int host_cache.size: size of host cache { 1:max32 }
+ * int host_cache.memcap = 8388608: maximum host cache size in bytes
+ { 512:max32 }
* enum hosts[].frag_policy: defragmentation policy { first | linux
| bsd | bsd_right | last | windows | solaris }
* addr hosts[].ip = 0.0.0.0/32: hosts address / CIDR
contents with rewrite rules
* string rna.custom_fingerprint_dir: directory to custom
fingerprint patterns
+ * bool rna.enable_logger = true: enable or disable writing
+ discovery events into logger
* string rna.fingerprint_dir: directory to fingerprint patterns
* string rna.rna_conf_path: path to RNA configuration
* string rna.rna_util_lib_path: path to library for utilities such
* int rpc.~app: application number { 0:max32 }
* string rpc.~proc: procedure number or * for any
* string rpc.~ver: version number or * for any
+ * int rt_global.memcap = 2048: cap on amount of memory used
* bool rt_packet.test_daq_retry = true: test daq packet retry
feature
- * int rt_service.memcap: cap on amount of memory used
* enum rule_state.([0-9]+):([0-9]+)[].action = inherit: apply
action if rule matches or inherit from rule definition { log |
pass | alert | drop | block | reset | inherit }
* rpc_decode.max_concurrent_sessions: maximum concurrent rpc
sessions (max)
* rpc_decode.total_packets: total packets (sum)
+ * rt_global.packets: total packets (sum)
* rt_packet.packets: total packets (sum)
* rt_packet.retry_packets: total retried packets received (sum)
* rt_packet.retry_requests: total retry packets requested (sum)
fingerprinting (experimental)
* rpc (ips_option): rule option to check SUNRPC CALL parameters
* rpc_decode (inspector): RPC inspector
+ * rt_global (inspector): The regression test global inspector is
+ used for regression tests specific to a global inspector
* rt_packet (inspector): The regression test packet inspector is
used when special packet handling is required for a reg test
* rt_service (inspector): The regression test service inspector is
* inspector::rna: Real-time network awareness and OS fingerprinting
(experimental)
* inspector::rpc_decode: RPC inspector
+ * inspector::rt_global: The regression test global inspector is
+ used for regression tests specific to a global inspector
* inspector::rt_packet: The regression test packet inspector is
used when special packet handling is required for a reg test
* inspector::rt_service: The regression test service inspector is