"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "doc/user/snort_user.text" between
snort3-3.1.28.0.tar.gz and snort3-3.1.29.0.tar.gz

About: Snort 3 is a network intrusion prevention and detection system (IDS/IPS) combining the benefits of signature, protocol and anomaly-based inspection.

snort_user.text  (snort3-3.1.28.0):snort_user.text  (snort3-3.1.29.0)
--------------------------------------------------------------------- ---------------------------------------------------------------------
Snort 3 User Manual Snort 3 User Manual
--------------------------------------------------------------------- ---------------------------------------------------------------------
The Snort Team The Snort Team
Revision History Revision History
Revision 3.1.28.0 2022-04-25 10:44:39 EDT TST Revision 3.1.29.0 2022-05-04 08:06:54 EDT TST
--------------------------------------------------------------------- ---------------------------------------------------------------------
Table of Contents Table of Contents
1. Overview 1. Overview
1.1. First Steps 1.1. First Steps
1.2. Configuration 1.2. Configuration
1.3. Output 1.3. Output
skipping to change at line 6847 skipping to change at line 6847
The available commands are: The available commands are:
$client <ip4> <port> $client <ip4> <port>
$server <ip4> <port> $server <ip4> <port>
$packet -> client $packet -> client
$packet -> server $packet -> server
$packet <addr> <port> -> <addr> <port> $packet <addr> <port> -> <addr> <port>
$sof <i32:ingressZone> <i32:egressZone> <i32:ingressIntf> <i32:egressIntf> <s:sr $sof <i32:ingressZone> <i32:egressZone> <i32:ingressIntf> <i32:egressIntf> <s:sr
cIp> <i16:srcPort> <s:destIp> <i16:dstPort> <u32:opaque> <u64:initiatorPkts> <u6 cIp> <i16:srcPort> <s:destIp> <i16:dstPort> <u32:opaque> <u64:initiatorPkts> <u6
4:responderPkts> <u64:initiatorPktsDropped> <u64:responderPktsDropped> <u64:init 4:responderPkts> <u64:initiatorPktsDropped> <u64:responderPktsDropped> <u64:init
iatorBytesDropped> <u64:responderBytesDropped> <u8:isQosAppliedOnSrcIntf> <timev iatorBytesDropped> <u64:responderBytesDropped> <u8:isQosAppliedOnSrcIntf> <timev
al:sof_timestamp> <timeval:eof_timestamp> <u16:vlan> <u16:address_space_id> <u8: al:sof_timestamp> <timeval:eof_timestamp> <u32:address_space_id> <u32:tenant_id>
protocol> <u16:vlan> <u8:protocol> <u8:flags>
$eof <i32:ingressZone> <i32:egressZone> <i32:ingressIntf> <i32:egressIntf> <s:sr $eof <i32:ingressZone> <i32:egressZone> <i32:ingressIntf> <i32:egressIntf> <s:sr
cIp> <i16:srcPort> <s:destIp> <i16:dstPort> <u32:opaque> <u64:initiatorPkts> <u6 cIp> <i16:srcPort> <s:destIp> <i16:dstPort> <u32:opaque> <u64:initiatorPkts> <u6
4:responderPkts> <u64:initiatorPktsDropped> <u64:responderPktsDropped> <u64:init 4:responderPkts> <u64:initiatorPktsDropped> <u64:responderPktsDropped> <u64:init
iatorBytesDropped> <u64:responderBytesDropped> <u8:isQosAppliedOnSrcIntf> <timev iatorBytesDropped> <u64:responderBytesDropped> <u8:isQosAppliedOnSrcIntf> <timev
al:sof_timestamp> <timeval:eof_timestamp> <u16:vlan> <u16:address_space_id> <u8: al:sof_timestamp> <timeval:eof_timestamp> <u32:address_space_id> <u32:tenant_id>
protocol> <u16:vlan> <u8:protocol> <u8:flags>
Client and server are determined as follows. $packet → client Client and server are determined as follows. $packet → client
indicates to the client (from server) and $packet → server indicates indicates to the client (from server) and $packet → server indicates
a packet to the server (from client). $packet followed by a 4-tuple a packet to the server (from client). $packet followed by a 4-tuple
uses the heuristic that the client is the side with the greater port uses the heuristic that the client is the side with the greater port
number. number.
The default client and server are 192.168.1.1 12345 and 10.1.2.3 80 The default client and server are 192.168.1.1 12345 and 10.1.2.3 80
respectively. $packet commands with a 4-tuple do not change client respectively. $packet commands with a 4-tuple do not change client
and server set with the other $packet commands. and server set with the other $packet commands.
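Review bot: The $sof and $eof argument lists change their positional layout without any accompanying explanation. <u16:vlan> moves from before address_space_id to after the new <u32:tenant_id>, address_space_id widens from u16 to u32, and a trailing <u8:flags> is appended. Because these commands take their arguments by position, an input file written against the 3.1.28.0 order no longer lines up with the documented fields. Suggest adding a sentence after the command list that calls out the new order and says what tenant_id and flags carry and which values they accept, since neither field is described in the surrounding text.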
 End of changes. 2 change blocks. 
13 lines changed or deleted 13 lines changed or added
