Navigation

Changeset 1653

Timestamp:

11/12/06 12:54:42 (2 years ago)

Author:

mbr

Message:

added variables from snort.conf (such as EXTERNAL_NET and HTTP_SERVERS) to support the new signature interface

Files:

r1648	r1653
45	45	### the FORWARD chain). If there is only one network interface on
46	46	### the box, then just set this variable to "NOT_USED".
47
48		### HOME_NET 192.168.10.4/24;
49		### HOME_NET 10.1.1.0/24, 192.168.10.4/24;
50		### HOME_NET NOT_USED; ### only one interface on box
51		HOME_NET _CHANGEME_;
	47	HOME_NET any;
	48	EXTERNAL_NET any;
	49
	50	### List of servers. Fwsnort supports the same variable resolution as
	51	#### Snort.
	52	HTTP_SERVERS $HOME_NET;
	53	SMTP_SERVERS $HOME_NET;
	54	DNS_SERVERS $HOME_NET;
	55	SQL_SERVERS $HOME_NET;
	56	TELNET_SERVERS $HOME_NET;
	57
	58	#### AOL AIM server nets
	59	AIM_SERVERS [64.12.24.0/24, 64.12.25.0/24, 64.12.26.14/24, 64.12.28.0/24, 64.12.29.0/24, 64.12.161.0/24, 64.12.163.0/24, 205.188.5.0/24, 205.188.9.0/24];
	60
	61	### Configurable port numbers
	62	HTTP_PORTS 80;
	63	SHELLCODE_PORTS !80;
	64	ORACLE_PORTS 1521;
52	65
53	66	### Firewall message search strings. NOTE: the FW_MSG_SEARCH variable