Greetings: I'm trying to expand the rule sets for sonicwall_rules.xml in local_rules.xml
In examination of the sonicwall logs, I've found that certain types of messages (alerts, notices, etc.) can actually fall into three separate categories -- 4801, 4803, 4806. In testing, I've found the following does not work: <if_sid>4801|4803|4806</if_sid> What syntax can I use to allow a rule to be a part of multiple sid's? Thank you.
