Earl, On Jan 22, 2008, at 2:07 PM, Earl wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Rob, I believe someone mentioned that I also left this step out of the automated rule update process. Should this step be included there as well so the map is created if rules are updated? Earl
This step should only be executed if snort is going to be restarted after rule update. In other words, the walleye ids_sig table should always reflect the sid-map snort is using because that is what it dumps to the unified file which hflowd reads and puts in the database. So we want these guys to match.
Is this something you want to do? Rob _______________________________________________ Honeywall mailing list [email protected] https://public.honeynet.org/mailman/listinfo/honeywall
