commit 336dea6aa9dd5b2a2ae3de88f3a4213f0efae92e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Sep 1 23:04:14 2011 -0400

    bumped version to 1.6.1

commit 4cfbd3e7e29a601ac74e59031b620235ce8d76f6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Sep 1 22:58:22 2011 -0400

    (Kim Hagen) Bug fix for 'Couldn't load target' error
    
    Kim Hagen submitted this patch for a bug in fwsnort-1.6 where the fwsnort
    policy in iptables-save format could not be loaded whenever iptables-save put
    the nat table output after the filter table output.  In this case, fwsnort
    would fail with an error like the following (fixed in fwsnort-1.6.1):
    
        Couldn't load target
        `FWSNORT_FORWARD_ESTAB':/lib/xtables/libipt_FWSNORT_FORWARD_ESTAB.so:
        cannot open shared object file: No such file or directory
    
    fwsnort now invokes 'iptables-save -t filter' in order to ensure that
    ordering issues do not affect how fwsnort builds its translated rule set.

commit 19625a6eb7e40a375be733b0a74b550292f4dcf8
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Sep 1 22:13:18 2011 -0400

    Bug fix for fast_pattern interpretation for relative matches
    
    This change ensures that fwsnort does not attempt to re-order pattern matches
    for patterns that have a relative match requirement.  For non-relative matches
    fwsnort re-orders pattern matches based on the pattern length, reasoning that
    the longest pattern should be processed first for better performance.  The
    usage of the fast_pattern keyword give the user explicit control over this.
    
    Here is a Snort rule that is now properly handled by fwsnort:
    
    alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT Possible Adobe Reader and Acrobat Forms Data Format Remote Security Bypass Attempt"; flow:established,to_client; file_data; content:"%FDF-"; depth:300; content:"/F(JavaScript|3a|"; nocase; distance:0; classtype:attempted-user; reference:url,www.securityfocus.com/bid/37763; reference:cve,2009-3956; reference:url,doc.emergingthreats.net/2010664; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; reference:url,www.stratsec.net/files/SS-2010-001_Stratsec_Acrobat_Script_Injection_Security_Advisory_v1.0.pdf; sid:2010664; rev:8;)
    
    Before this change, fwsnort translated this rule as:
    
    $IPTABLES -A FWSNORT_FORWARD_ESTAB -p tcp -m tcp --sport 80 -m string --hex-string "/F(JavaScript|3a|" --algo bm --from 69 --icase -m string --hex-string "%FDF|2d|" --algo bm --to 364 -m comment --comment "sid:2010664; msg:ET WEB_CLIENT Possible Adobe Reader and Acrobat Forms Data Format Remote Security Bypass Attempt; classtype:attempted-user; reference:url,www.securityfocus.com/bid/37763; rev:8; FWS:1.6;" -j LOG --log-ip-options --log-tcp-options --log-prefix "SID2010664 ESTAB "
    
    Note that in the above rule, the "/F(JavaScript|3a|" pattern was switched to
    be evaluated first even though it is a relative match to the previous pattern
    in the original Snort rule.  After this change, fwsnort translates this rule
    as:
    
    $IPTABLES -A FWSNORT_FORWARD_ESTAB -p tcp -m tcp --sport 80 -m string --hex-string "%FDF|2d|" --algo bm --to 364 -m string --hex-string "/F(JavaScript|3a|" --algo bm --from 69 --icase -m comment --comment "sid:2010664; msg:ET WEB_CLIENT Possible Adobe Reader and Acrobat Forms Data Format Remote Security Bypass Attempt; classtype:attempted-user; reference:url,www.securityfocus.com/bid/37763; rev:8; FWS:1.6;" -j LOG --log-ip-options --log-tcp-options --log-prefix "SID2010664 ESTAB "

commit d90f90270c0ad3125a42ee04de43b2fe22e93ca9
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Sep 1 22:09:41 2011 -0400

    Updated to the latest Emerging Threats rule set
    
    Update to the latest 'emerging-all.rules' Snort rule set from Emerging Threats
    (http://www.emergingthreats.net).

commit 00dd168ac015fb64028dc87d5949d768d56a2598
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Jul 28 20:40:36 2011 -0400

    Updated ChangeLog and added the ShortLog file
    
    Minor change to update the global ChangeLog and added the ShortLog file.

commit c9982963632825c6ddd2666a0bee9643a363de3b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Jul 28 20:19:41 2011 -0400

    Added iptables capabilities test for COMMENT len
    
    In keeping with the ability to test the capabilities of iptables where fwsnort
    is deployed, added the ability find the maximum length of a string provided to
    the COMMENT match.  This match is used to store Snort rule information within
    the running fwsnort policy.

commit 9f93d921ebdfdfa03549aa2a7058e2b71d1b15b1
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jul 26 22:17:08 2011 -0400

    Added the ChangeLog file for 'git log' output.
    
    The complete ChangeLog is derived from 'git log' with this commit.  Version-
    specific change logs will be included with each release.

commit 859958655bc272ffa0413fe9ba4568046a7b5f73
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jul 26 22:12:02 2011 -0400

    Bumped version from 1.5 to 1.6
    
    Bumped version from 1.5 to 1.6 in preparation for the upcoming release.

commit 3adc5b28e08cb658fd5bbb4cc0b367471c03077e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jul 26 21:53:52 2011 -0400

    Renamed ChangeLog -> ChangeLog.old
    
    Renamed ChangeLog -> ChangeLog.old after the svn -> git conversion.  All
    ChangeLog* files from now on will conform to:
    
    ChangeLog.v<num>   <-- This is the change log for the released version.
    ChangeLog          <-- The complete log output from git.

commit 409b78468d2e6f136d18e4a9e4528bce2e65cc06
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Jul 21 23:03:29 2011 -0400

    Added support for rules updates from several URL's
    
    Added support for grabbing Snort rules from multiple URL's via a new variable
    UPDATE_RULES_URL in the /etc/fwsnort/fwsnort.conf file.  This variable can be
    specified multiple times.

commit fe692d2ece6d986a92fa6277cd1c55238145f401
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Jul 20 23:00:07 2011 -0400

    Added --queue-pre-match-max <num> argument
    
    Added a new command line arg --queue-pre-match-max <num> that allows the number
    of patterns that will be matched within the kernel before sending a packet to
    a userspace Snort instance (via the QUEUE or NFQUEUE targets) to be limited.
    
    Here is an example for the "ET WEB_CLIENT Possible Internet Explorer srcElement
    Memory Corruption Attempt" signature from Emerging Threats (sid 2010799).
    First, here is the original rule:
    
    alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT Possible Internet Explorer srcElement Memory Corruption Attempt"; flow:established,to_client; file_data; content:"document.createEventObject"; distance:0; nocase; content:".innerHTML"; within:100; nocase; content:"window.setInterval"; distance:0; nocase; content:"srcElement"; fast_pattern; nocase; distance:0; classtype:attempted-user; reference:url,www.microsoft.com/technet/security/bulletin/ms10-002.mspx; reference:url,tools.cisco.com/security/center/viewAlert.x?alertId=19726; reference:url,www.kb.cert.org/vuls/id/492515; reference:cve,2010-0249; reference:url,doc.emergingthreats.net/2010799; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_MSIE; sid:2010799; rev:5;)
    
    The translated rule is shown below in the iptables-save format after running
    the command "fwsnort --no-ipt-sync --no-ipt-rule-num --NFQUEUE --snort-sid 2010799":
    
    -A FWSNORT_FORWARD_ESTAB -p tcp -m tcp --sport 80 -m string --string "srcElement" --algo bm --from 82 --icase -m string --string "document.createEventObject" --algo bm --from 64 --icase -m string --string ".innerHTML" --algo bm --to 190 --icase -m string --string "window.setInterval" --algo bm --from 74 --icase -m comment --comment "sid:2010799; msg:ET WEB_CLIENT Possible Internet Explorer srcElement Memory Corruption Attempt; classtype:attempted-user; reference:url,www.microsoft.com/technet/security/bulletin/ms10-002.mspx; rev:5; FWS:1.5;" -j NFQUEUE
    
    Now, by using the --queue-pre-match-max argument, instead of forcing iptables
    to match on all four patterns in the original rule, we limit it to matching
    only the first pattern.  Note also that fwsnort has interpreted the 'fast_pattern'
    keyword so that the "srcElement" pattern is searched for instead of the pattern
    "document.createEventObject" which is the first to appear in the original rule.
    
    Here is the command:
    
    fwsnort --no-ipt-sync --no-ipt-rule-num --NFQUEUE --snort-sid 2010799 --queue-pre-match-max 1
    
    The translated rule is now:
    
    -A FWSNORT_FORWARD_ESTAB -p tcp -m tcp --sport 80 -m string --string "srcElement" --algo bm --from 82 --icase -m comment --comment "sid:2010799; msg:ET WEB_CLIENT Possible Internet Explorer srcElement Memory Corruption Attempt; classtype:attempted-user; reference:url,www.microsoft.com/technet/security/bulletin/ms10-002.mspx; rev:5; FWS:1.5;" -j NFQUEUE

commit 800584c9c9cdd0158fecb5b42982f084ea0f830a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jul 17 14:25:05 2011 -0400

    Minor man page wording update for NFQUEUE mode
    
    Minor man page wording update for NFQUEUE mode to make sure to convey to the
    reader the need to disable the stream preprocessor for the userspace
    snort_inline instance.

commit 80ee4a9ff0707affb860ba9ff409082ce2e294be
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jul 17 14:20:54 2011 -0400

    Added iptables capabilities test for NFQUEUE modes
    
    Added a test to see whether iptables supports either the QUEUE or NFQUEUE
    targets in --QUEUE and --NFQUEUE modes respectively.

commit acbafc7a486001d4d02437b78b2ca4464ca6dccf
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jul 17 13:09:57 2011 -0400

    Bugfix to support --NFQUEUE mode
    
    With the recent code refactoring for the Snort 'fast_pattern' keyword, the
    --QUEUE and --NFQUEUE modes were broken in the process.  This changes restores
    these modes:
    
    ./fwsnort --no-ipt-sync --NFQUEUE |grep Generated
    [+] Generated iptables rules for 12916 out of 13131 signatures: 98.36%

commit 0ca89dcbd981ac4c122754f3edf0ce1a2d4e55f0
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jul 17 12:39:16 2011 -0400

    Ignore http_uri, http_method, and urilen
    
    iptables has no good way to support the http_uri, http_method, and urilen Snort
    keywords, so this change ignores them.  The tradeoff is that certain signatures
    may have a higher rate of false positives, but detection may outweigh this for
    rules like this one:
    
    alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"ET TROJAN Unknown Generic Trojan Checkin"; flow:established,to_server; content:"unit_id="; http_uri; content:"&uv_id="; http_uri; content:"&uv_new="; http_uri; content:"&url="; http_uri; content:"&charset="; http_uri; content:"&hashval="; http_uri; content:"&app="; http_uri; content:"&lg="; http_uri; classtype:trojan-activity; sid:2013204; rev:1;)
    
    It is possible to force fwsnort to not ignore the http_* keywords with the
    --strict command line argument.
    
    The number of signatures that this change picks up is trivial though for the
    bundled signature set in the deps/snort_rules/ directory:
    
    Before:
    
    ./fwsnort --no-ipt-sync |grep Generated
    [+] Generated iptables rules for 9341 out of 13131 signatures: 71.14%
    
    After:
    
    ./fwsnort --no-ipt-sync |grep Generated
    [+] Generated iptables rules for 9343 out of 13131 signatures: 71.15%

commit 683dd21a337f19886851dba71ecc24ae381e331b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 16 22:50:30 2011 -0400

    Updated to allow non-root users to execute fwsnort.
    
    This update allows non-root users to run fwsnort, but a modified fwsnort.conf
    file must be supplied that changes various paths.  Running as a non-root user
    is mostly only useful to see how fwsnort translates certain Snort rules.  Here
    is an example of running fwsnort as a non-root user:
    
    $ ./fwsnort -c fwsnort.conf.nonroot --snort-sid 1234 |less
    [+] Parsing Snort rules files...
    [+] Found sid: 1234 in web-misc.rules
        Successful translation.
    
    [+] Logfile: /home/mbr/git/fwsnort.git/fwsnort.log
    [+] iptables script (individual commands): /home/mbr/git/fwsnort.git/fwsnort_iptcmds.sh
    [*] Could not write to: /home/mbr/git/fwsnort.git/fwsnort.sh at ./fwsnort line 4418.
    [mbr@minastirith ~/git/fwsnort.git]$ ./fwsnort -c fwsnort.conf.nonroot --snort-sid 1234 |less
    [+] Parsing Snort rules files...
    [+] Found sid: 1234 in web-misc.rules
        Successful translation.
    
    [+] Logfile: /home/mbr/git/fwsnort.git/fwsnort.log
    [+] iptables script (individual commands): /home/mbr/git/fwsnort.git/fwsnort_iptcmds.sh
    
        Main fwsnort iptables-save file: /home/mbr/git/fwsnort.git/fwsnort.save
    
        It does not appear as though you are running as root, so it is NOT
        recommended that you become root and execute the fwsnort.sh script. The
        reason is that non-root users cannot execute iptables, and therefore
        fwsnort had no way to check for iptables capabilities or to parse any
        existing iptables policy for proper splicing of the fwsnort rules.
    
        Exiting.

commit 24aa16d3ed2941143c787b9e449e61ce9857c0ab
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Jul 14 22:17:20 2011 -0400

    Minor change to not write args in --help mode.
    
    Minor update to exclude 'fwsnort --help' from the saved command line arguments
    copy.  This ensures that 'fwsnort --Last' does not just re-execute
    'fwsnort --help'.

commit 7d1a5d684b4883b16040b20491fcbd5455410846
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jul 10 14:37:30 2011 -0400

    Added support for the Snort 'nocase' keyword
    
    The iptables string match extension supports case insensitive matches with
    the --icase option.  This commit updates fwsnort to leverage --icase whenever
    the 'nocase' modifier it applied to a pattern match in a Snort rule.

commit 593e0963fa2d117230cfee9b9a747e4cdeae3471
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 9 23:59:15 2011 -0400

    Updated to the latest Emerging Threats Snort rules
    
    Updated to the latest Emerging Threats Snort rules - this file contains over
    10,000 rules now.  Here is some sample translation output stats with fwsnort:
    
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
        Snort Rules File          Success   Fail      Total
    
    [+] emerging-all.rules        7440      2582      10022
                                  =============================
                                  7440      2582      10022
    
    [+] Generated iptables rules for 7440 out of 10022 signatures: 74.24%

commit a3641f6cdad3f349f0ab79053267e7e0ffd376f6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 9 22:44:44 2011 -0400

    Added iptables 'multiport' match support
    
    The iptables 'multiport' match is now supported, and this enables fwsnort to
    properly translate a few Snort rules from the emerging threats rule set like
    this one:
    
    alert tcp $HOME_NET [0:20,22:24,26:138,140:444,446:464,466:586,588:901,903:1432,1434:65535] -> any any (msg:"ET MALWARE Suspicious FTP 220 Banner on Local Port (spaced)"; flow:from_server,established; content:"220 "; depth:4; content:!"VMware Authentication Daemon"; depth:32; classtype:non-standard-protocol; reference:url,doc.emergingthreats.net/2011124; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/MALWARE/MALWARE_Off_Port_FTP; sid:2011124; rev:12;)
    
    The translated version is now:
    
    $IPTABLES -A FWSNORT_FORWARD_ESTAB -p tcp -m tcp -m multiport --sports 0:20,22:24,26:138,140:444,446:464,466:586,588:901 -m string ! --string "VMware Authentication Daemon" --algo bm --to 96 -m string --string "220 " --algo bm --to 68 -m comment --comment "sid:2011124; msg:ET MALWARE Suspicious FTP 220 Banner on Local Port (spaced); classtype:non-standard-protocol; reference:url,doc.emergingthreats.net/2011124; rev:12; FWS:1.5;" -j LOG --log-ip-options --log-tcp-options --log-prefix "SID2011124 ESTAB "

commit 6aa673eed3344bd4d08f536b0ee246bc9c6c201b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 9 16:21:35 2011 -0400

    Added --no-fast-pattern-order to --help output
    
    Added --no-fast-pattern-order to --help output and also added the
    'fast_pattern' hash key to the 'ignore' bucket if --no-fast-pattern-order is
    given on the command line.

commit d165a722e995eace732f5165ea4b7c1dd0469dd1
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 9 16:07:53 2011 -0400

    Implemented tighter 'within' criteria
    
    This commit fixes a problem where fwsnort was in some cases too lax with how it
    calculated relative pattern matching depths that are defined via the Snort 'within'
    keyword.  This should result in fewer fwsnort log messages for certain signatures.
    An example signature that this change improves is:
    
    alert tcp $HOME_NET any -> $AIM_SERVERS any (msg:"CHAT AIM login"; flow:to_server,established; content:"*|02|"; depth:2; content:"|00 17 00 06|"; distance:4; within:8; classtype:policy-violation; sid:1631; rev:7;)
    
    fwsnort previous to this change translated this as a set of signatures including
    the following (allowing for the multiple IP's in the $AIM_SERVERS variable):
    
    $IPTABLES -A FWSNORT_FORWARD_ESTAB -d 64.12.24.0/24 -p tcp -m tcp -m string --hex-string "*|02|" --algo bm --to 66 -m string --hex-string "|00170006|" --algo bm --from 70 --to 76 -m comment --comment "sid:1631; msg:CHAT AIM login; classtype:policy-violation; rev:7; FWS:1.5;" -j LOG --log-ip-options --log-tcp-options --log-prefix "SID1631 ESTAB "
    
    After this change the signature becomes:
    
    $IPTABLES -A FWSNORT_FORWARD_ESTAB -d 64.12.24.0/24 -p tcp -m tcp -m string --hex-string "*|02|" --algo bm --to 66 -m string --hex-string "|00170006|" --algo bm --from 70 --to 74 -m comment --comment "sid:1631; msg:CHAT AIM login; classtype:policy-violation; rev:7; FWS:1.5;" -j LOG --log-ip-options --log-tcp-options --log-prefix "SID1631 ESTAB "
    
    Note that in the second pattern match the --to criteria has been reduced from
    76 to 74.  (The second rule was generated with --no-fast-pattern-ordering to
    make the diff make sense more easily.)

commit 49acb36d0ea8425ebaedd03f9f41140781b56ca0
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 9 12:00:23 2011 -0400

    Added the --no-fast-pattern-ordering argument
    
    Added --no-fast-pattern-ordering to have fwsnort not try to reorder pattern
    matches to process the longest pattern first.  This option also instructs
    fwsnort to ignore the Snort 'fast_pattern' keyword in any Snort rule.

commit e35727256975e86135038fef093393e777f32210
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 9 11:47:19 2011 -0400

    Moved GetOpt() call to handle_cmd_line()
    
    Minor updated to move the GetOpt() function call for parsing command line args
    to the handle_cmd_line() function (where it should have been for a while).

commit 4d65f91f4439831f2ebff6ea3430de079eef7201
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jul 8 22:50:13 2011 -0400

    minor man page wording update

commit b27412de270377b51325fbbd43b5d18ed87a8183
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jul 8 22:47:05 2011 -0400

    Fixed fast_pattern support for relative matches
    
    This is a significant code refactoring in order to support the fast_pattern
    keyword when relative matches are involved.  Previous to this change, the
    initial fast_pattern implementation would not take into account how the
    iptables --from and --to keywords should be set under the 'distance' and
    'within' keywords.

commit d7c2ceb906f120cb55df41d2fe277d0f17f1e5f6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jul 5 23:14:19 2011 -0400

    Added 'detection_filter' to not supported list
    
    The newer 'detection_filter' Snort keyword (a replacement for the older
    'threshold' keyword) is not supported yet.  The iptables limit match should
    be able to help here eventually.

commit 1e024f14f34453eb992fa9370dd4f04b02374074
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jul 5 22:46:34 2011 -0400

    minor comment wording update for TCP options

commit 81a6a2b8896d8f7e62e4160004809ad8fd9e245b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jul 5 06:47:25 2011 -0400

    Added content match ordering based on length
    
    In cases where the 'fast_pattern' option is not used, Snort generally tries to
    pick the longest pattern to match first since this should usually result in
    better performance.  That is, longer there is a higher chance for a longer
    string to be more unique, and this would result in shorter strings from not
    being searched for.  This works in the context of iptables because 'matches'
    are AND'd togther, so if the first string match fails, no subsequent string
    matches will be executed.  Hence, the search for "shortstr" below would not
    happen if the search for "thisisalongstring" failed:
    
    -m string --string 'thisisalongstring' --algo bm -m string --string 'shortstr' --algo bm
    
    One thing to note is that iptables does not support relative string matches
    in the same way that Snort does.  The iptables string match can specify an
    offset and depth into the packet via --from and --to.  The end result is that
    the fwsnort way of maximizing performance is to find the longest string, do
    the match, and apply an approximation for --from and --to whenever they are
    required for any pattern.  That is, it doesn't have to worry about relative
    matches and finding the end of a pattern in order to know where to start the
    next search.  Now, this will result in signature matching in fwsnort not
    being as accurate as Snort (remember that fwsnort emulates Snort behavior as
    closely as possible given functionality implemented in iptables), but it
    should be faster.

commit f1a68b5e3a02f593030ac07fc89546e1426e8a83
Merge: 439f739 509b3d9
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jul 4 22:19:53 2011 -0400

    Merge branch 'master' of github.com:mrash/fwsnort

commit 439f739bcf268a6e94720dabc31b00dd72ebb566
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jul 4 21:57:14 2011 -0400

    Added 'fast_pattern' support + no patterns bug fix
    
    Added support for the Snort 'fast_pattern' keyword which is used to force a
    particular payload match to be done first.  This allows the signature author
    to optimize the performance of certain signatures based on a knowledge of
    how likely certain strings are to match within application layer protocols.
    A gooo write up of the 'fast_pattern' keyword was posted to the VRT blog
    here:
    
    http://vrt-blog.snort.org/2010/04/using-snort-fast-patterns-wisely-for.html
    
    Also fixed a bug that would exclude all signatures that do not have at least
    one content match.  A good example of such a signature is this one:
    
    alert tcp $EXTERNAL_NET 6112 -> $HOME_NET any (msg:"ET GAMES Battle.net
    connection reset (possible IP-Ban)"; flags:R,12; classtype: policy-violation;
    reference:url,doc.emergingthreats.net/bin/view/Main/2002117;
    reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/GAMES/GAMES_Battlenet;
    sid:2002117; rev:6;)
    
    Between this bug fix and the 'fast_pattern' support, fwsnort is able to
    translated nearly 300 additional signatures beyond the fwsnort-1.5 release:
    
    [+] Generated iptables rules for 8529 out of 12224 signatures: 69.77%
    
    [+] Generated iptables rules for 8812 out of 12224 signatures: 72.09%

commit 509b3d97f0a277c0ef84b7c737f991e1685610a6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jul 4 21:57:14 2011 -0400

    Added support for Snort keyword 'fast_pattern'
    
    Added support for the Snort 'fast_pattern' keyword which is used to force a
    particular payload match to be done first.  This allows the signature author
    to optimize the performance of certain signatures based on a knowledge of
    how likely certain strings are to match within application layer protocols.
    A gooo write up of the 'fast_pattern' keyword was posted to the VRT blog
    here:
    
    http://vrt-blog.snort.org/2010/04/using-snort-fast-patterns-wisely-for.html

commit 79a88abbf186c2eefbdf0d7ebeef3493ecf80fbe
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Jun 30 20:52:22 2011 -0400

    minor man page wording update

commit a8663fdb1779b17dcd136c319a883c8cada839e5
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Jun 30 20:50:30 2011 -0400

    Added three Snort signature keywords
    
    Added the 'detection_filter', 'threshold', and 'urilen' Snort rule keywords.
    Also included a minor update to calculate max keyword length on the fly.

commit ddedf5d8447f1a5d819308471e98a0cdf527acd2
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Jun 29 20:23:38 2011 -0400

    Added newer Snort keywords to snort_opts.pl
    
    Added Snort keywords fast_pattern, http_header, http_uri, and http_method
    to the snort_opts.pl script.

commit cfcb1ea40313e2176afd67ada576748e38f7c10b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 27 22:39:57 2011 -0400

    minor ChangeLog update

commit bc184f2edfc11bb9e4beeab73d8ec5f2413faf77
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 27 21:41:19 2011 -0400

    Bugfix for --ipt-apply to exec fwsnort.sh
    
    Fixed the --ipt-apply functionality - the variable that held the fwsnort.sh
    path was not initialized properly prior to this change.

commit 00c4379a69975097948ed9e5ba356eeba69c0c93
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 20 21:00:57 2011 -0400

    Added the --Conntrack-state argument
    
    Added the --Conntrack-state argument to specify a conntrack state in place of
    the "established" state that commonly accompanies the Snort "flow" keyword.
    By default, fwsnort uses the conntrack state of "ESTABLISHED" for this.  In
    certain corner cases, it might be useful to use "ESTABLISHED,RELATED" instead
    to apply application layer inspection to things like ICMP port unreachable
    messages that are responses to real attempted communications.  (Need to add
    UDP tracking for the _ESTAB chains for this too - coming soon.)

commit 84f12e1f048ff94ceab7e6ed3aa596864eefe763
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 20 20:09:06 2011 -0400

    Added test for conntrack --ctstate
    
    Recent releases of iptables and the Linux kernel support matching
    on connection state via the conntrack modules and the --ctstate
    switch.  Added a capabilities test for this, and will fall back to
    using the state match if the conntrack module is not available.

commit 7645c3977e65471f5c9ba730a300b04f73901786
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jun 19 11:58:05 2011 -0400

    Bugfix for --ipt-list and --ipt-flush
    
    Fixed a problem with --ipt-list and --ipt-flush to ensure that the proper
    iptables binary path is chosen.  These args failed without this because the
    iptables binary was not set.

commit 304f5c6e44668a89ec91924a8e32799cf4ee3736
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jun 19 11:14:44 2011 -0400

    Bugfix for --log-prefix maximum lengths
    
    Bugfix to ensure the iptables log prefixes built by fwsnort are not
    longer than those allowed by the running iptables firewall.  This is
    usually a total of 29 characters, but fwsnort now dynamically figures out
    this value.
    
    This bug was originally reported by Yves Pagani to the fwsnort mailing
    list.

commit 3b45f07288edfd7988c0b953bf33c02374b5c09b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jun 18 22:40:56 2011 -0400

    Removed old reference to $rev_num
    
    In keeping with svn, fwsnort used to store the $Id$ file ID into $rev_num. This
    has been removed.

commit 2081d991865b347e6bf123e8d94076b1ebb7eb31
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jun 18 21:09:12 2011 -0400

    Removed legacy $Id$ tags (for old svn repos)
    
    $Id$ tags don't really mean anything to git so they have been removed from all
    source files.

commit ad1f61d3068a179b4445659fba9d716731e2b5d6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jan 9 14:54:49 2011 +0000

    wording fix for the fwsnort-1.5 ChangeLog
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@561 af5c991a-1414-0410-86ad-c3437102cd4a

commit aeca4bc970a882908e56344e164fd41c4659a9be
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jan 9 03:14:15 2011 +0000

    bumped software version to 1.5
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@556 af5c991a-1414-0410-86ad-c3437102cd4a

commit e4db8e0b560f887bde3692787a146b39b3fc540e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jan 3 01:46:00 2011 +0000

    minor date update
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@554 af5c991a-1414-0410-86ad-c3437102cd4a

commit f7f26997937e299da1134e9a5f9b1acfee19698f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jan 3 01:45:26 2011 +0000

    bumped version to: 1.5-pre5
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@553 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5846c2c2a583a9c2f3ccdf973302a7640098be9a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jan 3 01:38:51 2011 +0000

    copyright date update
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@552 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5e692d830b7ee4eaaa8743aab2acf4df6f34cee5
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jan 3 01:37:31 2011 +0000

    added UPGRADE section
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@551 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6b71d7fb7722511dcd5fc80e4bb76671c8bd401d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Dec 31 15:50:02 2010 +0000

    update to include information about the iptables-save format
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@550 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5862901949a5568fc75a41a27a40b759dea81e0e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Dec 31 15:38:13 2010 +0000

    minor wording update to include ip6tables policies
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@549 af5c991a-1414-0410-86ad-c3437102cd4a

commit 1e7ae3a558eaec9c615b83d4ffcd4e7abf5bf7f1
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Dec 31 15:37:04 2010 +0000

    added the ability to build ip6tables policies in ip6tables-save format
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@548 af5c991a-1414-0410-86ad-c3437102cd4a

commit 60869ae44351e01bb2de78ea140dd3041df5d28d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Dec 31 14:41:21 2010 +0000

    minor update to include the GPL version number (v2) suggested by Guillermo Gomez
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@547 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6204d89d4a4ee15f96bc2470af4f57fa8944db90
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Dec 28 04:13:57 2010 +0000

    bumped to version 1.5-pre4
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@545 af5c991a-1414-0410-86ad-c3437102cd4a

commit b74bf5aebce91e683786eac7c9253cfe82e1dcba
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Dec 26 22:14:01 2010 +0000

    - Added the --string-match-alg argument to allow the string matching
    algorithm used by fwsnort to be specified from the command line.  The
    default algorithm is 'bm' for 'Boyer-Moore', but 'kmp' may also be
    specified (short for the 'Knuth–Morris–Pratt' algorithm).
    
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@544 af5c991a-1414-0410-86ad-c3437102cd4a

commit d8389423d1500cc269ae0d90d406b775dc692bdc
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Dec 24 04:39:52 2010 +0000

    bumped version to 1.5-pre3
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@542 af5c991a-1414-0410-86ad-c3437102cd4a

commit f492adbe8d4354c673372efbfc76db601a579e1a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Dec 24 04:39:26 2010 +0000

    - Updated to the latest complete rule set from Emerging Threats (see
    http://www.emergingthreats.net/).
    
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@541 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4383693e75aaa428b04e3ca903fa56a727842b06
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Dec 24 04:39:04 2010 +0000

    updated to default to pulling Snort rules from the rules directory in --snort-rfile mode when running as root
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@540 af5c991a-1414-0410-86ad-c3437102cd4a

commit c6e6e700b2a2172a783f611fd9d8f751528637f2
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Dec 24 04:26:53 2010 +0000

    bug fix to make sure to add the 'COMMIT' and '# Completed ...' lines at the end of the generated fwsnort.save file
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@539 af5c991a-1414-0410-86ad-c3437102cd4a

commit 12faa4828648f8e130319c3ab55313e28fd2ff8a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Dec 24 04:26:06 2010 +0000

    updated to point to the correct Emerging Threats rule set, and added the --rules-url arg (similiar to fwsnort)
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@538 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4cbe9196cf99512314db42a7683abd45af829621
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Dec 23 04:48:24 2010 +0000

    bumped version to: 1.5-pre2
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@536 af5c991a-1414-0410-86ad-c3437102cd4a

commit c91a9e3b1d4127c9c41b0c34f773479819ca7303
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Dec 23 04:48:09 2010 +0000

    - Added the --rules-url argument so that the URL for updating the
    Emerging Threats rule set can be specified from the command line.  The
    default is:
    
    http://rules.emergingthreats.net/open/snort-2.9.0/emerging-all.rules
    
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@535 af5c991a-1414-0410-86ad-c3437102cd4a

commit b7f72533e27106212115f56de75cf7bebbb8d897
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Dec 23 04:38:01 2010 +0000

    bumped version to 1.5-pre1
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@533 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4d76e8842af9019ef31d3b7bfd7f1bcce38cec2d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Dec 23 04:37:45 2010 +0000

    minor comments update
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@532 af5c991a-1414-0410-86ad-c3437102cd4a

commit db5a1b4dc25444a65f86b61fe34190af6873ae11
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Dec 23 04:31:15 2010 +0000

    moved to instantiate the fwsnort iptables-save policy via /etc/fwsnort/fwsnort.sh
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@531 af5c991a-1414-0410-86ad-c3437102cd4a

commit 570111ee85cdd6324e4dcf18f606169af082c7bd
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Dec 14 15:16:56 2010 +0000

    - Updated to automatically check for the maximum length string that the
    string match supports, and this is used to through out any Snort rules
    with content matches longer than this length.
    
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@530 af5c991a-1414-0410-86ad-c3437102cd4a

commit 09f524ad56a680feaadb61958984fe2bb0ac05f2
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Dec 14 14:24:30 2010 +0000

    - Updated the iptables capabilities testing routines to add and delete
    testing rules to/from the custom chain 'FWS_CAP_TEST'.  This maintains a
    a cleaner separation between fwsnort and any existing iptables policy
    even during the capabilities testing phase.
    - Added the --ipt-check-capabilities argument to have fwsnort test the
    capabilities of the local iptables firewall and exit.
    
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@529 af5c991a-1414-0410-86ad-c3437102cd4a

commit 52055879592626890c8cd21281d80218ccd1a077
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jul 23 01:09:19 2010 +0000

    Major update to being moving to using the iptables-save format instead of the older
    strategy to always just execute iptables commands directly.
    
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@528 af5c991a-1414-0410-86ad-c3437102cd4a

commit fdc2299ad72eb1f66c015cf1946a259c4cef95f0
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Feb 6 03:33:39 2010 +0000

    updated GPL license string to mention GPLv2
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@527 af5c991a-1414-0410-86ad-c3437102cd4a

commit e9cabdbf12e070a9dc7bd27b6fa0cbbd4b77835e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Feb 6 03:33:22 2010 +0000

    minor version fix (1.1)
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@526 af5c991a-1414-0410-86ad-c3437102cd4a

commit dd034784d18f922fd7544f4562fa0614c9fc1048
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Jan 6 01:54:52 2010 +0000

    minor update Snort -> SNORT
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@522 af5c991a-1414-0410-86ad-c3437102cd4a

commit 15314c3c36c588b8096ce0ed0c6d652f5a42e173
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Jan 6 01:36:34 2010 +0000

    bumped version to 1.1
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@521 af5c991a-1414-0410-86ad-c3437102cd4a

commit da925692672722b9770efa5874c25cbe7b66424f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Jan 6 01:29:45 2010 +0000

    added a -6 example to the EXAMPLES section
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@520 af5c991a-1414-0410-86ad-c3437102cd4a

commit 94d36d0106e15028bd7172f2c64f7ac5f801aa17
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jan 5 03:57:20 2010 +0000

    bumped version to 1.1-pre3
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@518 af5c991a-1414-0410-86ad-c3437102cd4a

commit 795112d30171d6222ae9da2f6840fd3ea9628290
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jan 5 03:57:08 2010 +0000

    added Guillermo Gomez
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@517 af5c991a-1414-0410-86ad-c3437102cd4a

commit 0e733d05d612fad665bf7fc7955f01e1c8a8a450
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jan 5 03:51:38 2010 +0000

    bumped version to 1.1-pre2
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@515 af5c991a-1414-0410-86ad-c3437102cd4a

commit a161a0d823c75b3a3d0cec3e4e149871fe8784f8
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jan 5 03:39:53 2010 +0000

    - Updated fwsnort to create logs in the /var/log/fwsnort/ directory
      instead of directly in the /var/log/ directory.  The path is controlled
      by a new variable 'LOG_FILE' in the /etc/fwsnort/fwsnort.conf file.
    - Added several variables in /etc/fwsnort/fwsnort.conf to control paths
      to everything from the config file to the snort rules path.  Coupled
      with this is the ability to create variables within path components and
      fwsnort will expand them (e.g. 'CONF_DIR /etc/fwsnort;
      CONF_FILE $CONF_DIR/fwsnort.conf').
    - Added --Last-cmd arg so that it is easy to rebuild the fwsnort.sh script
      with the same command line args as the previous execution.
    
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@514 af5c991a-1414-0410-86ad-c3437102cd4a

commit 81f9e919ad4a9d5ae74e4559e14ed170cc3b9895
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Dec 22 02:53:12 2009 +0000

    updated version to 1.1
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@512 af5c991a-1414-0410-86ad-c3437102cd4a

commit 7dd40b32768276dfb3e5d8adf87979fea9bda095
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Dec 22 02:52:01 2009 +0000

    - Added the ability to build an fwsnort policy that utilizes ip6tables
    instead of iptables.  This allows fwsnort filtering and altering
    capabilities to apply to IPv6 traffic instead of just IPv4 traffic.  To
    enable ip6tables usage, use the "-6" or "--ip6tables" command line
    arguments.
    
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@511 af5c991a-1414-0410-86ad-c3437102cd4a

commit ee6d073cd76383f7bc493b05087d551ced37fa45
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Dec 21 04:17:57 2009 +0000

    - Added the --include-perl-triggers command line argument so that
    translated Snort rules can easily be tested.  This argument instructs
    fwsnort to include 'perl -e print ... ' commands as comments in the
    /etc/fwsnort/fwsnort.sh script, and these commands can be combined
    with netcat to send payloads across the wire that match Snort rules.
    - Minor documentation fixes.
    
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@510 af5c991a-1414-0410-86ad-c3437102cd4a

commit cb1d0fb44d821839a4937cfc281a6d9f2e75e22a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Dec 21 03:55:01 2009 +0000

    updated to the latest Emerging Threats rule set
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@509 af5c991a-1414-0410-86ad-c3437102cd4a

commit 94e6a9a46087a9cf062b38610efd80c1817dfcb1
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 4 16:13:49 2009 +0000

    updated to the latest Emerging Threats rule set
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@508 af5c991a-1414-0410-86ad-c3437102cd4a

commit b661ed228f93310899aa0e9ffab1e7ffbe79a7f4
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat May 30 21:57:28 2009 +0000

    merged: svn merge -r 500:504 file:///home/mbr/svn/fwsnort_repos/fwsnort/branches/fwsnort-1.0.6
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@507 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4029a64dea70ee129e4d290d98ad3c8fd2774b98
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat May 30 02:39:38 2009 +0000

    version 1.0.6
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@499 af5c991a-1414-0410-86ad-c3437102cd4a

commit 94552406872b5b295a1b70bf88b12a95a8275092
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat May 30 02:39:14 2009 +0000

    version 1.0.6
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@498 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6415ed52903474f97709265bdd74341fd3be48ee
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat May 30 02:39:00 2009 +0000

    Added the 'BuildRequires: perl-ExtUtils-MakeMaker' statement
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@497 af5c991a-1414-0410-86ad-c3437102cd4a

commit 541e71e744e3a993c8ec7296f0bb457e2f5987e5
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed May 27 21:29:48 2009 +0000

    bumped version to fwsnort-1.0.6-pre4
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@495 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5418cddb0aaeaac3120403c6e5f97606eeeb5ba4
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed May 27 21:25:49 2009 +0000

    - Bug fix to move the 'rawbytes' keyword to the list of keywords that are
    ignored since iptables does a raw match anyway as it doesn't run any
    preprocessors in the Snort sense.
    - Added a small hack to choose the first port from a port list until the
    iptables 'multiport' match is supported.
    - Updated to consolidate spaces in hex matches in the fwsnort.sh script
    since the spaces are not part of patterns to be searched anyway.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@494 af5c991a-1414-0410-86ad-c3437102cd4a

commit 71b32224c7185f760e5bd376bcc21d3773791ff7
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed May 27 18:25:11 2009 +0000

    minor cleanup (href->hr, aref->ar)
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@493 af5c991a-1414-0410-86ad-c3437102cd4a

commit 9fbba8d25795226eb09739794fd0912d57faf544
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed May 27 17:39:49 2009 +0000

    - Bug fix to allow case insensitive matches to work properly with the
      --include-re-caseless and --exclude-re-caseless arguments.
    - Added the --snort-rfile argument so that a specific Snort rules file (or
    list of files separated by commas) is parsed.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@492 af5c991a-1414-0410-86ad-c3437102cd4a

commit 74acc6edb79e3ec5d821a272c0d31514ba1465bb
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat May 16 15:20:54 2009 +0000

    updated version to 1.0.6-pre3
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@490 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5f46c081e5695a639c1515a54422690de7f6fbd2
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat May 16 15:07:10 2009 +0000

    Bug fix to allow fwsnort to properly translate snort rules that have
    "content" fields with embedded escaped semicolons (e.g. "\;").  This
    allows fwsnort to translate about 85 additional rules from the Emerging
    Threats rule set.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@489 af5c991a-1414-0410-86ad-c3437102cd4a

commit dff3641ab919871631a6e4d2fdf0f845a1f317ee
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat May 16 14:49:47 2009 +0000

    updated to the latest rule set from Emerging Threats
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@488 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2ec4a3b4afddb046576d52f97386709f34e2c3a6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 22 02:26:57 2009 +0000

    updated to version 1.0.6-pre2
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@486 af5c991a-1414-0410-86ad-c3437102cd4a

commit d919d043ce5ed484a6e16fb88aabd00d39617098
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 22 02:26:43 2009 +0000

    - Updated to the latest complete rule set from Emerging Threats (see
    http://www.emergingthreats.net/).
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@485 af5c991a-1414-0410-86ad-c3437102cd4a

commit 8c22e90c65aeb97fd6b5acf86264e0a5318a08de
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 22 02:22:46 2009 +0000

    - (Franck Joncourt) Updated fwsnort to use the "! <option> <arg>" syntax
    instead of the older "<option> ! <arg>" for the iptables command line.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@484 af5c991a-1414-0410-86ad-c3437102cd4a

commit f4ca2171bb05fb4b75d4a9544ec99fce9ce726ac
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jan 31 03:00:25 2009 +0000

    bumped version to 1.0.6-pre1
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@482 af5c991a-1414-0410-86ad-c3437102cd4a

commit 0f5df0dc0de2bae180d4d8af1203cc871acef242
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jan 31 02:59:53 2009 +0000

    From: Franck Joncourt <franck.mail@dthconnex.com>
    Subject: [PATCH] fixes/content_length
    
    [quote]
    iptables v1.4.2: STRING too long `|7c|XML|7c
    7c|if|7c|SPAN|7c|navigator|7c|CDATA|7c|http|7c|com|7c|w2k3|7c|appVersion|7c|
    version|7c|nt|7c|7c|X|7c|MSIE|7c|wxp|7c|114|7c|HTML|7c|DATAFLD|7c|DATASRC|7c|
    DATAFORMATAS|7c|ID|7c|while|7c|2003|7c|'
    [/quote]
    
    For the --hex-string and --string matches, if the argument exceeds 128 bytes
    (iptables 1.4.2) then iptables fails as above.
    
    Thus, this patch add a new variable in fwsnort.conf "MAX_STRING_LEN", so that
    the size of the content can be limited. If the content (null terminated string)
    is more than MAX_STRING_LEN chars, fwsnort throws the rule away.
    
    Signed-off-by: Franck Joncourt <franck.mail@dthconnex.com>
    
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@481 af5c991a-1414-0410-86ad-c3437102cd4a

commit b9f08cf1eeeaa147cab06df7344832d550f23019
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Oct 26 23:03:09 2008 +0000

    wording updates for the fwsnort(8) man page from Justin B Rye and Franck Joncourt
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@480 af5c991a-1414-0410-86ad-c3437102cd4a

commit c3749cae0740161a50b5019549e9d83937ef3c76
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Sep 30 04:11:04 2008 +0000

    content match fix for Emerging Threats Snort rule ID 2007975 (Frank Joncourt)
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@479 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4838f2ca96ed0d7d6441ee2b58de7a89c7172659
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Sep 30 04:10:10 2008 +0000

    bugfix in strict mode to use the fact that the threshold keyword is already unsupported (Franck Joncourt)
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@478 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4ad5bb9c9b9b2093702dc19664b1d6012b5e1bb2
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Aug 27 02:38:43 2008 +0000

    minor update to include download directory in status output in --update mode
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@477 af5c991a-1414-0410-86ad-c3437102cd4a

commit 79d47f03c7483a9688b3e65accc6c001451b2a17
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Aug 22 03:26:36 2008 +0000

    updated to correct tar.gz path in --no-deps mode
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@476 af5c991a-1414-0410-86ad-c3437102cd4a

commit 122821f5f69280c129d86735a14bdefdd3360a3e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Aug 22 00:22:28 2008 +0000

    version 1.0.5
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@472 af5c991a-1414-0410-86ad-c3437102cd4a

commit 7ae1844502a0e1f42922c761534793fcf3f380fb
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Aug 22 00:20:48 2008 +0000

    updated release date
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@471 af5c991a-1414-0410-86ad-c3437102cd4a

commit ae27da188629bb442686c0ec2ba8d9a682845839
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Aug 22 00:20:36 2008 +0000

    Added support for nodeps RPM's
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@470 af5c991a-1414-0410-86ad-c3437102cd4a

commit 8905e2f28ad5b55af36f6b3792f5bed0fbd83de9
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Aug 16 14:11:19 2008 +0000

    added download of Emerging Threats as a tarball (suggested by Franck Joncourt)
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@469 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2b3b278cfe1678c2ac959fd357e43b2c5dc4b148
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Aug 16 05:10:13 2008 +0000

    minor dodumentation fixes
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@468 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6130f791fcac60d54f1b835f7a8962000227e13c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Aug 16 04:49:50 2008 +0000

    bumped version to 1.0.5-pre4
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@466 af5c991a-1414-0410-86ad-c3437102cd4a

commit 78342bd002d1c4a60a48d93fdfb845a5055f39be
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Aug 16 04:47:59 2008 +0000

    moved 'threshold' to the unsupported list since there will be several signatures that use this feature to detect the Dan Kaminsky DNS attack
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@465 af5c991a-1414-0410-86ad-c3437102cd4a

commit 3532d8d194176645823b7b1c705728259a6a9441
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Aug 16 04:28:36 2008 +0000

    updated 1.0.5 release date, removed perl module path updating code
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@464 af5c991a-1414-0410-86ad-c3437102cd4a

commit 7654dfc7037c6f56b72c2596372f89f560e40ef8
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Aug 16 04:17:43 2008 +0000

    bugfix for IPTables::ChainMgr -> IPTables::Parse
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@463 af5c991a-1414-0410-86ad-c3437102cd4a

commit f0e427ca8bfe730f731da27f97edd10a44a34eb0
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Aug 16 01:13:14 2008 +0000

    bumped version to 1.0.5-pre3
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@461 af5c991a-1414-0410-86ad-c3437102cd4a

commit 7680f6d0a9038eaa36d4a7c7e93c0aa64b915acf
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Aug 15 04:41:17 2008 +0000

    added bump_version.pl file
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@460 af5c991a-1414-0410-86ad-c3437102cd4a

commit 75c90d6c1a764929fca20b2336d0b2b68760f304
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Aug 15 04:40:55 2008 +0000

    bugfix to exclude all directories except for the first in --update mode if multiple directories are given as a comma-separated list
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@459 af5c991a-1414-0410-86ad-c3437102cd4a

commit fca93a74a6d12dbb13cc6c7a3d63ef3ca4ffdb6a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Aug 15 04:35:05 2008 +0000

    Added support for multiple Snort rule directories as a comma-separated
    list for the argument to --snort-rdir.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@458 af5c991a-1414-0410-86ad-c3437102cd4a

commit b80f383cc85f53803fc404471ee730b3caf891e4
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Aug 15 02:36:07 2008 +0000

    removed old 'use lib' call since fwsnort uses the 'require' strategy now
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@457 af5c991a-1414-0410-86ad-c3437102cd4a

commit f931fedc5ffaa8257efde492bd7934f5a36d616d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Aug 15 01:20:27 2008 +0000

    applied patch from Franck Joncourt to fix fwsnort man page to replace bleeding-all with emerging-all
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@456 af5c991a-1414-0410-86ad-c3437102cd4a

commit 27c010b10fdfd0c210565065f8d83caaf2d57515
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Aug 15 01:15:30 2008 +0000

    minor update to make sure to always return to the source directory when installing perl modules
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@455 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6966f7f44b83aa16f8e594980446dbca0acb66dd
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Aug 15 01:14:31 2008 +0000

    minor fwsnort URL fix
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@454 af5c991a-1414-0410-86ad-c3437102cd4a

commit 7bf40dff0bb6486ad423663f406d33f9074f42cb
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Aug 15 01:14:22 2008 +0000

    removed moddir, minor fwsnort URL fix
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@453 af5c991a-1414-0410-86ad-c3437102cd4a

commit b81297b7e65256fe415ed73f32f59a791570ab27
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Aug 13 04:17:22 2008 +0000

    version to 1.0.5-pre2
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@451 af5c991a-1414-0410-86ad-c3437102cd4a

commit 51bb7770d13e668a974aef88366f8825782fedc5
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Aug 13 04:15:32 2008 +0000

    updated to handle snort_rules/ directory move to deps/
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@450 af5c991a-1414-0410-86ad-c3437102cd4a

commit 8e3fb70951e9fed711a8b32dbdf093ad06ba2a94
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Aug 13 04:14:30 2008 +0000

    added -nodeps patch from Franck
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@449 af5c991a-1414-0410-86ad-c3437102cd4a

commit 0dee6908ab1507016f7b3282deadd485842db12f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Aug 13 04:14:15 2008 +0000

    added --snort-rdir patch from Franck
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@448 af5c991a-1414-0410-86ad-c3437102cd4a

commit 279bba5217cf3874744d4cf6de993e52c23eaf80
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Aug 13 04:09:44 2008 +0000

    moved snort_rules directory into deps/, switched to Emerging Threats signature set
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@447 af5c991a-1414-0410-86ad-c3437102cd4a

commit db7bb2b1e969bcf57cb71b063105f4931bc5e9cd
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Aug 13 03:09:20 2008 +0000

    removed bleeding-all.rules and added emerging-all.rules since Matt Jonkman has switched to Emerging Threats
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@446 af5c991a-1414-0410-86ad-c3437102cd4a

commit 8870b18cdece9f6d74d5677a58431cf57e2cc1d7
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Aug 9 15:23:19 2008 +0000

    chdir path bugfix
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@444 af5c991a-1414-0410-86ad-c3437102cd4a

commit 65c38e19f3856f186e6e11c4418ec365b4eb158c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Aug 9 15:18:59 2008 +0000

    bumped version to 1.0.5-pre1
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@443 af5c991a-1414-0410-86ad-c3437102cd4a

commit 29ef878d0ebd9bdbedc029fdfcfc0d1d89bb6375
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Aug 9 15:14:27 2008 +0000

    Updated to import perl modules from /usr/lib/fwsnort, but only if this
    path actually exists in the filesystem.  This is similar to the strategy
    implemented by psad.  A new variable FWSNORT_LIBS_DIR was added to the
    fwsnort.conf to support this.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@442 af5c991a-1414-0410-86ad-c3437102cd4a

commit 1ec2f105a096f3c375536a2b3bdd1a8adc1e7bea
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Aug 9 15:12:49 2008 +0000

    added dependencies discussion
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@441 af5c991a-1414-0410-86ad-c3437102cd4a

commit 42121958347e9a57f76271df2585013b0af43105
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Aug 9 15:09:41 2008 +0000

    update for Franck
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@440 af5c991a-1414-0410-86ad-c3437102cd4a

commit f2afc7713d0e54a2812346ea37e18b8532138c47
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Aug 9 15:05:50 2008 +0000

    minor bugfix to include missed skip_module_install var
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@439 af5c991a-1414-0410-86ad-c3437102cd4a

commit 1b2916e6ba8d9efc5d170a60c575dafc97fcc436
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Aug 7 09:17:04 2008 +0000

    added fwsnort-nodeps.spec file, updated fwsnort.spec to handle deps/ directory
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@438 af5c991a-1414-0410-86ad-c3437102cd4a

commit e687b5e20c0dc0074a6180be491640021a77a7dc
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Aug 7 09:07:10 2008 +0000

    moved IPTables-Parse and Net-IPv4Addr to the deps/ directory
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@437 af5c991a-1414-0410-86ad-c3437102cd4a

commit 056bbbc6929e00f79bcb20bade64ac94c75b028d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Aug 6 08:13:49 2008 +0000

    added code to handle new deps/ directory
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@436 af5c991a-1414-0410-86ad-c3437102cd4a

commit a4b8fa2929f2bfe050aeb033374f77389b53d7d9
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Aug 6 08:11:53 2008 +0000

    minor update to include contributors
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@435 af5c991a-1414-0410-86ad-c3437102cd4a

commit 679c4bc04f895bc11a3b9aec46eff61adc05e121
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Aug 6 08:10:41 2008 +0000

    added deps/ directory
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@434 af5c991a-1414-0410-86ad-c3437102cd4a

commit 38ab85a242886e01a2d8c30719ac862b51c0d7db
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jun 20 03:51:04 2008 +0000

    Franck Joncourt
        - Submitted patch to fix double dash format in fwsnort man page.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@433 af5c991a-1414-0410-86ad-c3437102cd4a

commit 877923c0735e9770afc436c6b8dfd609fecc9bea
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Feb 18 02:36:18 2008 +0000

    minor contributor update
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@432 af5c991a-1414-0410-86ad-c3437102cd4a

commit e6d860c9ba93710877d34560118e51671fc9978d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Feb 17 06:05:01 2008 +0000

    minor usage update
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@431 af5c991a-1414-0410-86ad-c3437102cd4a

commit 80749d9dd00fdff7db5338744c2aca7ef16c0f9a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Feb 17 06:04:04 2008 +0000

    minor usage update
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@430 af5c991a-1414-0410-86ad-c3437102cd4a

commit 41c9806fdcd3ac9c97bb99a0380e67209aacf23c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Jan 23 03:32:53 2008 +0000

    version 1.0.4
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@425 af5c991a-1414-0410-86ad-c3437102cd4a

commit b16f2da5861ef39d25d3543d95fe0d78710375a3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jan 20 02:36:00 2008 +0000

    updated with Grant's last name
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@424 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5c8401f8b3c21d7242031989a0d56f2988380e0c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jan 18 04:35:02 2008 +0000

    version 1.0.4-pre1
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@422 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4b018c6b80820447a1aa597680de153927c685e6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jan 18 04:25:55 2008 +0000

    (Grant)  Suggested bugfix to allow negated networks to be specified within
    iptables allow rules or within the fwsnort.conf file.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@421 af5c991a-1414-0410-86ad-c3437102cd4a

commit cd023d06a80bdec20816c78ac1b3a72a57447c60
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jan 18 04:24:19 2008 +0000

    Added Grant
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@420 af5c991a-1414-0410-86ad-c3437102cd4a

commit a6aba363aed424042befc47a1d9a6729096f1c08
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jan 18 03:20:12 2008 +0000

    (Grant) updated to set sport and dport to 0:0 if protocol == all
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@419 af5c991a-1414-0410-86ad-c3437102cd4a

commit e410f8be3cf58b1e7a564fab01b57aecc83deafc
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jan 18 02:57:06 2008 +0000

    version 0.5, applied zero protocol fix from Grant, updated to handle ULOG rules
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@418 af5c991a-1414-0410-86ad-c3437102cd4a

commit ae8cc87b1fb01bc8ca44eb8fd13c4a6f6e5ea744
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jan 15 04:39:14 2008 +0000

    added LC_ALL='C' locale setting, added --Exclude-mod-regex
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@417 af5c991a-1414-0410-86ad-c3437102cd4a

commit eff7fc3150dc09f0a910a5ff616c2560df1c3f44
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jan 15 04:36:04 2008 +0000

    updated to latest (last?) Bleeding Threats signature set
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@416 af5c991a-1414-0410-86ad-c3437102cd4a

commit d5d15e1298526def204028b18ed46f1ba6935980
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Nov 22 19:29:08 2007 +0000

    fwsnort-1.0.3 release
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@412 af5c991a-1414-0410-86ad-c3437102cd4a

commit 9c5fe44a9912de4c35e1c048b4b8ea29df824384
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Nov 22 19:20:42 2007 +0000

    minor comment updates
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@411 af5c991a-1414-0410-86ad-c3437102cd4a

commit 507929f45b63b2bf263fd831a91c1b74508e224a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Nov 20 05:18:53 2007 +0000

    fwsnort-1.0.3 additions
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@410 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2e74c9fe72dc0cb46aedf0fa3590f83ac605f741
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Nov 20 04:02:17 2007 +0000

    major signature update from Bleeding Threats to include signatures for some of the latest malware and exploits
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@409 af5c991a-1414-0410-86ad-c3437102cd4a

commit 14f1b271c4ea939a9f658a57d06210817ebde47c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Nov 20 03:59:34 2007 +0000

    - Added the ability to interpret basic PCRE's that contain strings separated
      by ".*" or ".+" as multiple string matches.  The only difference between
      this strategy and the Snort implementation is that the ordering of the
      strings is not preserved, but most signature developers don't rely on this
      anyway.
    - Added asn1 keyword to unsupported list.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@408 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5d2711eb3ae17ea27b74bb9722804cb6e4c3279b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Nov 20 02:28:20 2007 +0000

    started on 1.0.3 additions
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@407 af5c991a-1414-0410-86ad-c3437102cd4a

commit 08dd775af4af078361ac8a562be4d5e0e78ec139
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Nov 20 02:19:35 2007 +0000

    added --include-re-caseless and --exclude-re-caseless options to have --include-regex and --exclude-regex options match case insensitively
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@406 af5c991a-1414-0410-86ad-c3437102cd4a

commit 65e372b6767cc4d5884941cb41d631136e0566c6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Nov 20 02:08:03 2007 +0000

    Added --include-regex and --exclude-regex options
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@405 af5c991a-1414-0410-86ad-c3437102cd4a

commit 927f372c6010074fed481ec5f9f9c829ea3ca729
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Aug 26 20:51:04 2007 +0000

    Added 1.0.2 release
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@401 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6aff8bf6d42c124a9a3ccc0931d78cd8ae1c7c9b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Aug 26 20:49:57 2007 +0000

    version 1.0.2
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@400 af5c991a-1414-0410-86ad-c3437102cd4a

commit d4ad9de334159bce0b790341aeca4415b78b19ba
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Aug 26 20:35:27 2007 +0000

    increased average TCP header length to 30 bytes to account for 10 bytes of options on ACK packets
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@399 af5c991a-1414-0410-86ad-c3437102cd4a

commit bf0e6ac322498dbc3f260791488173ce8aaf4beb
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Aug 26 20:34:15 2007 +0000

    bugfix to ensure that header lengths are accounted for with payload offsets
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@398 af5c991a-1414-0410-86ad-c3437102cd4a

commit 78a9895700e42f7be1ce8983e57d2381737c4420
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Aug 26 20:05:23 2007 +0000

    removed ChangeLog.svn file
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@394 af5c991a-1414-0410-86ad-c3437102cd4a

commit bf736450132a4c3aedc863a2253821ae349e10b6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Aug 26 20:04:58 2007 +0000

    bumped version to 1.0.1
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@393 af5c991a-1414-0410-86ad-c3437102cd4a

commit b7304adaee15b725c2660fc134b51b37f3f1c319
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Aug 26 19:28:36 2007 +0000

    bugfix for ipt_rule_test() function name.
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@392 af5c991a-1414-0410-86ad-c3437102cd4a

commit 86a7472f4e5eb6214c4bf8916c933d391f23e774
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Jul 4 20:25:31 2007 +0000

    TODO additions
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@391 af5c991a-1414-0410-86ad-c3437102cd4a

commit 62f474ea537d0ae361170e31ec17a8ceddbb3b43
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Jul 4 20:25:17 2007 +0000

    Added the ability to automatically resolve command paths if any commands
    cannot be found at the locations specified in the fwsnort.conf file.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@390 af5c991a-1414-0410-86ad-c3437102cd4a

commit 06e41b70524334d4cb2446c6ee879566c235be9f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Jul 4 20:16:49 2007 +0000

    minor consolidation of push() calls
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@389 af5c991a-1414-0410-86ad-c3437102cd4a

commit cbcb119519e826311e5d1d4e2d63e0649931536e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jun 29 01:03:28 2007 +0000

    latest update from cipherdyne.org; bugfix for rpmbuild vs. wget path, updated to remove md5 sum files
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@388 af5c991a-1414-0410-86ad-c3437102cd4a

commit a0985932c53b4359c7db4c2e8a72eb7fb99f7d43
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Apr 20 02:27:59 2007 +0000

    added Hank L.
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@384 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4a02cfca4aec6ebd47eca3abbc75303a0af821ee
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Apr 20 02:21:34 2007 +0000

    1.0 release date
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@383 af5c991a-1414-0410-86ad-c3437102cd4a

commit bd65809ed4d860aa334977e2fabc55afc3d08adb
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Apr 20 02:09:58 2007 +0000

    added --queue-num command line argument
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@382 af5c991a-1414-0410-86ad-c3437102cd4a

commit d3a0af400cb4bc220a992a4b415627a2ba87dfe6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Apr 20 02:08:06 2007 +0000

    added --queue-rules-dir option
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@381 af5c991a-1414-0410-86ad-c3437102cd4a

commit bbed2afb672ffad9dea490af85e75ff4e14cc9b2
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Apr 20 01:47:31 2007 +0000

    man page updates to include --NFQUEUE and --QUEUE language
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@380 af5c991a-1414-0410-86ad-c3437102cd4a

commit 76771a578b4e7a27200c24178c2766837a50e4cd
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Apr 17 02:46:13 2007 +0000

    - Bugfix for iptables string match --from and --to values to skip past
      packet headers.  This is an approximation until a new --payload option
      can be added to the string match extension.  Also added an iptables test
      for the --payload option.
    - Added a single iptables rule testing API internally within fwsnort;
      this adds a measure of consistency and removes some duplicate code.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@379 af5c991a-1414-0410-86ad-c3437102cd4a

commit 0acc601cc75831bf44c14193de83bb7fb032169d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 15 23:32:33 2007 +0000

    updated to 1.0 release
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@378 af5c991a-1414-0410-86ad-c3437102cd4a

commit ba0dfe4c2e0165d5e31faea90520251df4e85128
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 15 23:32:04 2007 +0000

    comment match update
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@377 af5c991a-1414-0410-86ad-c3437102cd4a

commit c623f5bc8b3e730c34780efbd7c2b2cda92d46dd
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 15 23:26:06 2007 +0000

    added 'Finished' echo statement to the fwsnort.sh script
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@376 af5c991a-1414-0410-86ad-c3437102cd4a

commit 63c604dee05842d5aeb778c4586d28cdaf23a62a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 15 23:10:59 2007 +0000

    Added sid field to iptables comment match
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@375 af5c991a-1414-0410-86ad-c3437102cd4a

commit 973fb3d1f1df2254542af6c38e8ea13fd3c8a9c9
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 15 23:05:52 2007 +0000

    updated to include full command line args for the snort_rules_queue/ files in the preamble section
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@374 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5821963aaae268049fb9e74becaa91f4ab94f451
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Apr 14 14:43:41 2007 +0000

    Added support for NFQUEUE number with --queue-num
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@373 af5c991a-1414-0410-86ad-c3437102cd4a

commit b85f9e37dacf290142f8f476e81de4d7fd49609d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Apr 9 21:21:29 2007 +0000

    Added NFQUEUE target support
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@372 af5c991a-1414-0410-86ad-c3437102cd4a

commit 889ff384ed1cdded34a3287c10c0f2b663a4178e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 8 18:59:01 2007 +0000

    updated to preserve userspace signatures in --QUEUE mode, updated snort_rules_mod/ dir to snort_rules_queue
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@371 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4937cd285dccd742a37c5dd464ab96a64d716562
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 8 16:33:38 2007 +0000

    added URL to standard header
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@370 af5c991a-1414-0410-86ad-c3437102cd4a

commit 55ced9065713d6b7be81639571c05a5a5aaf2f7e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Apr 6 01:10:40 2007 +0000

    version update to 1.0
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@369 af5c991a-1414-0410-86ad-c3437102cd4a

commit e6cba9ef4edf82ac97b88d63281c1080669bec59
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Apr 6 01:08:53 2007 +0000

    major update to add the --QUEUE option to speed-up inline Snort implementations with in-kernel string matching
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@368 af5c991a-1414-0410-86ad-c3437102cd4a

commit 688bf2fdffe44098dc9accb09902cb76739aab14
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Mar 27 01:28:47 2007 +0000

    added copyright line
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@367 af5c991a-1414-0410-86ad-c3437102cd4a

commit a7a7d784ace05824f6b872999cd3d5a327c81ded
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Mar 27 01:06:05 2007 +0000

    - Bug fix to remove any existing jump rules from the built-in INPUT,
      OUTPUT, and FORWARD chains before creating a new jump rules.  This
      allows the fwsnort.sh script to be executed multiple times without
      creating a new jump rule into the fwsnort chains for each execution.
    - Added the -X command line argument to allow fwsnort to delete all of
      the fwsnort chains; this emulates the iptables command line argument
      of the same name.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@366 af5c991a-1414-0410-86ad-c3437102cd4a

commit 002d8ee3f763d97f632dcd1b9a26db77982d747c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 23 02:11:06 2007 +0000

    0.9.0 release date
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@362 af5c991a-1414-0410-86ad-c3437102cd4a

commit f0daf792fc3943a306b1e404f576204176a58979
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 23 02:10:01 2007 +0000

    doc update, Netfilter -> iptables
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@361 af5c991a-1414-0410-86ad-c3437102cd4a

commit b581dd30f61743e2d733e4069eacff6300842420
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 23 02:09:27 2007 +0000

    0.9.0 release
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@360 af5c991a-1414-0410-86ad-c3437102cd4a

commit bc5148695e21631db9bcc258974e85566cc608ba
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 23 02:05:46 2007 +0000

    doc updates
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@359 af5c991a-1414-0410-86ad-c3437102cd4a

commit 40f38a3455935b166a97ea1ef681ddb16add2e4d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 23 02:02:30 2007 +0000

    added support for reporting multiple unsupported options in the /var/log/fwsnort.log file
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@358 af5c991a-1414-0410-86ad-c3437102cd4a

commit facd5967bf6554f05ba62d9d6c9f106d2cb18711
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Mar 20 01:33:02 2007 +0000

    added the DNS cache poisoning signature
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@357 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6ffdb9a2e676d64e4196a941aafaccc765fe6d72
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Mar 20 01:31:28 2007 +0000

    minor wording update
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@356 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2a9fc9f5ac3b5e78d65bae0be47384804c026e8f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 19 01:38:02 2007 +0000

    update to latest bleeding snort signatures
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@355 af5c991a-1414-0410-86ad-c3437102cd4a

commit d8d040757f914e4d4e4fcb9217215112d9cdf950
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 19 01:37:41 2007 +0000

    Added the SSH_PORTS variable
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@354 af5c991a-1414-0410-86ad-c3437102cd4a

commit 807e6935061dee32abee275bee9484cab0704fc5
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Mar 18 22:26:06 2007 +0000

    version 0.9.0
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@353 af5c991a-1414-0410-86ad-c3437102cd4a

commit 03873a94afcd4654f24e57573bd5cb4ec90bbf93
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 17 19:40:00 2007 +0000

    bugfix to ensure the LOG target is built correctly if a comment block is too large
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@352 af5c991a-1414-0410-86ad-c3437102cd4a

commit ce37b091e77b37cb1940cf84adce734cc2ea8f5b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 17 19:35:43 2007 +0000

    bugfix to make sure the 'within' criteria is large enough
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@351 af5c991a-1414-0410-86ad-c3437102cd4a

commit e4c06f10f8f6bd53045b5bcf6561ffbb662e1ed6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 17 18:54:21 2007 +0000

    minor update Iptables -> iptables
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@350 af5c991a-1414-0410-86ad-c3437102cd4a

commit 690438fe24a79f8ba8027951c64c5d3f3e476432
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 17 18:49:28 2007 +0000

    fwsnort version in comment match
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@349 af5c991a-1414-0410-86ad-c3437102cd4a

commit aa014200429c1ec7d49b08149520df7b3da4446c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 17 18:48:43 2007 +0000

    added fwsnort version to comment string
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@348 af5c991a-1414-0410-86ad-c3437102cd4a

commit 449a81b413d5a5a69ca94f1aca856d0f637deb9d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 17 18:41:39 2007 +0000

    0.9.0 additions
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@347 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6a8ff26b5098a137e0c2c19ed9658ec5e339b8e5
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 17 18:38:51 2007 +0000

    Added emulation for distance and within from previous content match (based on --from and --to and the length of the previous pattern)
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@346 af5c991a-1414-0410-86ad-c3437102cd4a

commit f4729f30f303125d12a19f93cbb410458d52e368
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 17 18:07:01 2007 +0000

    minor update to put rule number echo statement after original snort rule
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@345 af5c991a-1414-0410-86ad-c3437102cd4a

commit 3d6ec85eaa30ded80cb7df9982478a2a9be04bad
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 17 17:57:15 2007 +0000

    update content strings like |00||00| to just |00 00|
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@344 af5c991a-1414-0410-86ad-c3437102cd4a

commit 1f065a70c9fa96ae11d15c904f6c447f4139d2f1
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 17 17:25:19 2007 +0000

    bugfix for content matches that contain an escaped semicolon
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@343 af5c991a-1414-0410-86ad-c3437102cd4a

commit 01de40b3341c0b8cc4b8966ec64f9b772a3d67c3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 17 17:22:07 2007 +0000

    Updated to handle negative string matches
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@342 af5c991a-1414-0410-86ad-c3437102cd4a

commit 322c0f884eb84e8af882a1dbc93d27f7ee66df55
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 17 17:02:30 2007 +0000

    updated to handle multiple content strings and fixed the minimum depth criteria
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@341 af5c991a-1414-0410-86ad-c3437102cd4a

commit 77004ee8cd866ec5d3266eb20396b16d4660f340
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 17 16:58:24 2007 +0000

    added string match offset bugfix
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@340 af5c991a-1414-0410-86ad-c3437102cd4a

commit 7b0d2767d5eb4b2aab08aee105436b8175989736
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 16 01:52:56 2007 +0000

    flowbits regex fix
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@339 af5c991a-1414-0410-86ad-c3437102cd4a

commit 7e5f0e2a10b252314fedbe91ecdfb90c28e1c184
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 16 01:35:29 2007 +0000

    added FWSNORT_<chain>_JUMP variables to allow the admin to control where in the built-in INPUT, OUTPUT, and FORWARD chains the jump rules are added for the FWSNORT chains
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@338 af5c991a-1414-0410-86ad-c3437102cd4a

commit 071a188181b685d72c5a0a1d20823fa9df6bb259
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 16 01:04:38 2007 +0000

    moved the cd_rpmbuilder script into the packaging directory
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@337 af5c991a-1414-0410-86ad-c3437102cd4a

commit b02e2f12f7f6fef08ad22dabf26fcb79bded89f8
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 12 02:09:09 2007 +0000

    bumped version
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@336 af5c991a-1414-0410-86ad-c3437102cd4a

commit 96b31f7dfda72ee1b3cd9ac5f85346e9132992bd
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 12 02:07:49 2007 +0000

    copyright date update to 2007
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@335 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4531b072aac7c64ca7aad650465a3c4ebe25a96b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 12 02:07:03 2007 +0000

    init scripts
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@334 af5c991a-1414-0410-86ad-c3437102cd4a

commit b433f4e84c86e4ccbc15c84eb7ae2fc59a85b1ff
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 12 02:06:48 2007 +0000

    Added "--log-ip-options" and "--log-tcp-options" to fwsnort LOG rules by
    default (in the generated fwsnort.sh script).  This can be disabled with
    --no-log-ip-opts and --no-log-tcp-opts arguments on the fwsnort command
    line.
    
    Added the ability to include --log-tcp-sequence to LOG rules in
    fwsnort.sh with a new argument --ipt-log-tcp-seq on the fwsnort command
    line.
    
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@333 af5c991a-1414-0410-86ad-c3437102cd4a

commit 559aee5a583e5f07ab1d3eb284d42d50fb53281f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 12 00:00:57 2007 +0000

    Bugfix to ensure that traffic directed into the INPUT or coming from the
    OUTPUT chains is treated as going toward or originating from the
    HOME_NET.  After all the HOME_NET variable may contain an internal
    network but omit the IP assigned to an external interface on the
    firewall.
    
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@332 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4d207ada54001d94fb0f59941033fdd85284925a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Mar 11 00:57:54 2007 +0000

    minor comment fix
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@331 af5c991a-1414-0410-86ad-c3437102cd4a

commit 76ab4301e17392a2449b2e2407057c79e448ed6d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 10 21:11:20 2007 +0000

    0.9.0 additions
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@330 af5c991a-1414-0410-86ad-c3437102cd4a

commit 77192c933824fb07a0af1ccc627edb0ee761cf41
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 10 21:08:43 2007 +0000

    added -F and -L command line options to emulate the iptables command line a bit
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@329 af5c991a-1414-0410-86ad-c3437102cd4a

commit 7e32b90cb176fdec2067db3ff58c50f88d6b45f4
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 10 20:56:47 2007 +0000

    updated to latest Bleeding Snort rules
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@328 af5c991a-1414-0410-86ad-c3437102cd4a

commit 585c15b54486d2cc5d6f7a9bbd4161d1b757c4b0
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 10 20:56:29 2007 +0000

    implemented true whitelist/blacklist functionality that is driven by the fwsnort.conf WHITELIST/BLACKLIST variables
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@327 af5c991a-1414-0410-86ad-c3437102cd4a

commit e302ab1b2bb0bff2a38cb8a45b2d30edbdf9caf2
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 10 20:55:56 2007 +0000

    implemented true whitelist/blacklist functionality that is driven by the fwsnort.conf WHITELIST/BLACKLIST variables
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@326 af5c991a-1414-0410-86ad-c3437102cd4a

commit 625b2b9a0289d7b24b38e2d4fe65c2bbf07c3609
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 10 20:55:27 2007 +0000

    0.9.0 additions
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@325 af5c991a-1414-0410-86ad-c3437102cd4a

commit dc8d6774119427aee18b0fd0a71079b647f1fc56
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 10 05:42:43 2007 +0000

    added generation timestamp to fwsnort.sh
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@324 af5c991a-1414-0410-86ad-c3437102cd4a

commit d2ce36c4d6a761f30c462932199b48356ff5e1e1
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 10 05:32:11 2007 +0000

    0.9.0 additions
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@323 af5c991a-1414-0410-86ad-c3437102cd4a

commit 64fc5cc5386677288913683a27e5860ed1041a10
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 10 05:30:15 2007 +0000

    updated to print the entire Snort rule as a comment in the fwsnort.sh script without having to use --verbose
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@322 af5c991a-1414-0410-86ad-c3437102cd4a

commit 340607c259519496786b340d9a0dccd1a1a1b64a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 10 04:43:27 2007 +0000

    save command line args
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@321 af5c991a-1414-0410-86ad-c3437102cd4a

commit f21729b1f5040f4f00f4ae519f9e49a0a80ad701
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 10 04:43:13 2007 +0000

    added --include-regex and --exclude-regex command line args
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@320 af5c991a-1414-0410-86ad-c3437102cd4a

commit 37bf9f58953d82b301c0eb529e60feda6410b09f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 9 02:38:49 2007 +0000

    minor comment update
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@319 af5c991a-1414-0410-86ad-c3437102cd4a

commit 3fbaff6844db9ad9b57432f4b935aca7d44a963b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 3 04:20:23 2007 +0000

    documentation updates for comment and rule num options
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@318 af5c991a-1414-0410-86ad-c3437102cd4a

commit e3d025c1a7abc1667ba27fb550d1a89959bcab0e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 3 03:59:21 2007 +0000

    updated to latest Bleeding Snort rules
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@317 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4dff5431c94b02c11d20d4b16c5b3405f405afba
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 3 03:58:44 2007 +0000

    updated to include iptables rule numbers by default (can be disabled with --no-ipt-rule-nums)
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@316 af5c991a-1414-0410-86ad-c3437102cd4a

commit 95c3ddd7a3ad772d5b050e195003f3ab4b712522
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 3 03:41:24 2007 +0000

    added comment match support for msg fields, added --ipt-rule-nums to include rule numbers within fwsnort logging prefixes
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@315 af5c991a-1414-0410-86ad-c3437102cd4a

commit 88c8df4e020850f27db56c1990f1b19d81ea474c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 3 01:31:16 2007 +0000

    updated to force install of IPTables::Parse
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@314 af5c991a-1414-0410-86ad-c3437102cd4a

commit 558464c2e86e459aec0ecda01bd2e15fa96ef7a3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Feb 17 14:40:03 2007 +0000

    Added Revision tag expansion
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@313 af5c991a-1414-0410-86ad-c3437102cd4a

commit 01431e42430456c29c28d47dafa4ee72e4987a92
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Feb 17 14:39:53 2007 +0000

    updated to 0.8.2 changes
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@312 af5c991a-1414-0410-86ad-c3437102cd4a

commit b2fd2857746d07bb03531b5e42e1ed3643ea1dc6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Feb 17 14:39:25 2007 +0000

    minor fixes for the buildroot and cwd path
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@311 af5c991a-1414-0410-86ad-c3437102cd4a

commit 8c25ae957874943fd7dbe7a94f0994facb531e91
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Feb 16 08:06:02 2007 +0000

    0.8.2 release date
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@302 af5c991a-1414-0410-86ad-c3437102cd4a

commit baf7d4e8288e137f1cb632fadea497bd09426f74
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Feb 16 08:05:36 2007 +0000

    0.8.2 release
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@301 af5c991a-1414-0410-86ad-c3437102cd4a

commit 88414ebeab3bc4ac59096d3461f51e06e576674e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Feb 16 08:02:53 2007 +0000

    more 0.8.2 stuff
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@300 af5c991a-1414-0410-86ad-c3437102cd4a

commit 21f13ac19621c4ff472d7d4fd95008325e8866b3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Feb 16 08:00:53 2007 +0000

    more 0.8.2 stuff
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@299 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6305f05c83f034c92773c69f34cca8c6ba0bb4f6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Feb 16 07:58:36 2007 +0000

    added bleeding-all.rules
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@298 af5c991a-1414-0410-86ad-c3437102cd4a

commit fb61610825da1e7037b01abf50d284c05000c008
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Feb 16 07:58:03 2007 +0000

    bugfix to not print duplicate rules in --Dump-ipt and --Dump-snort modes
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@297 af5c991a-1414-0410-86ad-c3437102cd4a

commit 60199f1253e52f6fb2cd58d9ea2fe406fb92e7fc
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Feb 16 07:49:26 2007 +0000

    minor doc updates
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@296 af5c991a-1414-0410-86ad-c3437102cd4a

commit b906a181e333677493e5881685bd6fddd910451e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Feb 16 07:48:40 2007 +0000

    updated to latest version from psad project
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@295 af5c991a-1414-0410-86ad-c3437102cd4a

commit 87b6920e50dedb33809bb50390240966013efaf3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Feb 16 07:48:09 2007 +0000

    - Added ipt-file argument to allow an iptables policy to be read from a file.
    - Added --Dump-ipt and --Dump-snort to allow iptables and snort rules to be
      dumped to STDOUT.
    - Additional code cleanups to better handle chain names.
    - Added file revision
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@294 af5c991a-1414-0410-86ad-c3437102cd4a

commit 46fd5726719cecfb61c849abe7c313dca46a88be
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Feb 16 07:41:44 2007 +0000

    updated TCP header length
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@293 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5143e01f767577f107ecea965411330e49993493
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Feb 16 03:25:26 2007 +0000

    Added README.RPM file for automated cd_rpmbuilder
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@292 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5498b22b0511c49b12eb872693f25f3b4a38c9e0
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Feb 15 04:30:48 2007 +0000

    linux-2.6 and string matching note
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@291 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2d1477d8749f644673c47849863bdad6f6323fbd
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Feb 15 04:18:19 2007 +0000

    minor opendir shift fix
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@290 af5c991a-1414-0410-86ad-c3437102cd4a

commit bff32ed87b0f88a5d04274db9ed63398f9f42cc5
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Feb 15 04:17:50 2007 +0000

    backdoor update for Matrix 2.0 sig
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@289 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5ab1dd70e537353a7efaf2f69105982827a98cd9
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Feb 15 04:17:02 2007 +0000

    minor opendir shift fix
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@288 af5c991a-1414-0410-86ad-c3437102cd4a

commit 28a484ada89f7b87b7701817236f580f9f3e5030
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Feb 15 04:15:54 2007 +0000

    Added cd_rpmbuilder script to make it easy to automatically build fwsnort RPM files
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@287 af5c991a-1414-0410-86ad-c3437102cd4a

commit fd4b5a32629937b76cc0945bbbf8ccbc833c970b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jan 20 02:36:51 2007 +0000

    added Id tag expansion
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@286 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2b415f61ccd02900fd7464566c079e334bbf671f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jan 20 02:34:12 2007 +0000

    added GPL and standard header text
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@285 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2d235c3d31f66d558cf93bc42a53b4ce388d9e23
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Dec 16 03:23:14 2006 +0000

    updated snort sig comment
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@284 af5c991a-1414-0410-86ad-c3437102cd4a

commit a87c0ac808b0bf99baac6b44dae63923c51536a1
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Dec 16 03:06:25 2006 +0000

    switched to require Net::RawIP so a normal user can check proper compilation, removed unnecessary msg var
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@283 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4e15c2783edd0a49d77ec663fb0e42c6189877a8
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Dec 15 02:33:56 2006 +0000

    updated to use Net::RawIP
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@282 af5c991a-1414-0410-86ad-c3437102cd4a

commit d199bdae33603d2b88c31ab115bd4e7bd1160161
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Sep 10 00:00:46 2006 +0000

    updated to same format as the psad CREDITS file
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@281 af5c991a-1414-0410-86ad-c3437102cd4a

commit 46a1e94e3645c30247faa414ca680e3d68025723
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Sep 6 00:55:10 2006 +0000

    minor bugfix for Dumper() function call in print() statement
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@280 af5c991a-1414-0410-86ad-c3437102cd4a

commit 718f3c8b91384c202f34bde7693aabc34a82f4fa
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Sep 5 23:36:25 2006 +0000

    bumped version to 0.8.2
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@279 af5c991a-1414-0410-86ad-c3437102cd4a

commit 723cc8f0923049be326850d3460e721180436c35
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Sep 5 21:58:48 2006 +0000

    -Added --dumper mode to use Data::Dumper to print Snort rule hashes and
    corresponding matching Netfilter rules.  This is useful to help diagnose
    IPTables::Parse to see how fwsnort is doing w.r.t. matching Snort rules
    to Netfilter rules.
    -Added 'ack' Snort rule option to the unsupported options in fwsnort.  The
    --log-tcp-sequence iptables argument does log acknowledgment numbers
    however (psad can make use of them).
    -Re-worked how fwsnort parses Netfilter policies to use the new
    IPTables::Parse module (which returns an array of hash refs for each set
    of rules in a Netfilter chain).
    -Added code see if state rules apply to current Netfilter rule.
    -Added support for OUTPUT chain.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@278 af5c991a-1414-0410-86ad-c3437102cd4a

commit 93c2804b9357329871cf90a046d766f65eb6ab72
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Sep 5 21:50:50 2006 +0000

    added code to detect whether a previously seen state rule applies to the current rule in the policy
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@277 af5c991a-1414-0410-86ad-c3437102cd4a

commit c03d0a3a3d2d03300a69640677ed886a50bca3f2
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Sep 4 22:04:27 2006 +0000

    started on 0.8.2 stuff
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@276 af5c991a-1414-0410-86ad-c3437102cd4a

commit d335e4368f2bbd71047a21bd12eec1fdeb2dc7e6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Sep 4 22:00:38 2006 +0000

    updates for 0.8.2 release
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@275 af5c991a-1414-0410-86ad-c3437102cd4a

commit a5d67b497aee52f7dfc21faa5d15e2e69f99b970
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Sep 4 04:57:48 2006 +0000

    added patch to fix a bug where repetitive strings could not be matched within payload data except at specific offests
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@274 af5c991a-1414-0410-86ad-c3437102cd4a

commit 56fc5fdd15c22b987599455c92315f7d03366d63
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Sep 4 02:19:23 2006 +0000

    -Updated to use perl module installation strategy from fwknop to only install
    modules that don't already exist within the system perl module tree.
    -Added --Force-mod-regex and --force-mod-install command line arguments.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@273 af5c991a-1414-0410-86ad-c3437102cd4a

commit 0ad62eaf9e0cfd6d55ed0c4c8a9a3bdd16821f38
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Sep 3 22:28:49 2006 +0000

    deprecated old IPTables module for IPTables::Parse module
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@272 af5c991a-1414-0410-86ad-c3437102cd4a

commit e66cd81570f5c771bef6fdd3f97c2aa630e920f7
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Sep 3 22:26:48 2006 +0000

    added IPTables::Parse module
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@271 af5c991a-1414-0410-86ad-c3437102cd4a

commit beeed827eb17d93ab5c0e442e8938923a2a1252b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jun 27 03:05:09 2006 +0000

    updated to Snort-2.3.3 rules
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@270 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6d136a2bf4594e831d26a24cc0f814280efa0bd7
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed May 3 03:31:46 2006 +0000

    .
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@269 af5c991a-1414-0410-86ad-c3437102cd4a

commit 8128f00d06b0a5c7e05b809a159c7d28521bef34
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jan 16 04:42:17 2006 +0000

    format fixes
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@268 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5746c5466cd3d9f353c487b5626034174c0e3c86
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jan 7 02:54:40 2006 +0000

    .
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@267 af5c991a-1414-0410-86ad-c3437102cd4a

commit e0f65a30f0e99cb23ef9ac454b753a188d5473dc
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Nov 12 03:03:20 2005 +0000

    rpm package
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@265 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6de519530dddbe5cf5507bca68374388581438c8
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Nov 12 01:42:56 2005 +0000

    Initial revision
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@261 af5c991a-1414-0410-86ad-c3437102cd4a

commit 15a020a9c5898a6857bf74585cfeb6e4f09ed4d3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Nov 12 01:41:49 2005 +0000

    added hostname to fwsnort.sh doc section
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@260 af5c991a-1414-0410-86ad-c3437102cd4a

commit 8e4ffdb73faa0111ae9f11f1abe0d4f7dc686cc0
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Nov 10 05:52:43 2005 +0000

    0.8.1
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@259 af5c991a-1414-0410-86ad-c3437102cd4a

commit f7212637bf24eed69944cab657be0ec531390b74
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Nov 10 05:51:59 2005 +0000

    .
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@258 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2f70cc40922087685013ad58ec66c172761c08ed
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Nov 10 05:51:50 2005 +0000

    added uname command
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@257 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5471a9f06007524ced0304216b5f543518ad30df
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Nov 10 05:51:30 2005 +0000

    0.8.1 stuff
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@256 af5c991a-1414-0410-86ad-c3437102cd4a

commit 3e88bca28b8c6b67255e344d89d2223857c767e4
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Nov 10 05:47:52 2005 +0000

    updated to handle the string match extension in the 2.6.14 kernel
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@255 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4d05cdaab671d21be1b6ee1b74d5a73e6f063fe6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jul 11 06:58:08 2005 +0000

    updated version to 0.8.0
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@253 af5c991a-1414-0410-86ad-c3437102cd4a

commit 27b0c26a959b917d706cfd0ecfcf73ad773ea7e2
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jul 11 04:47:42 2005 +0000

    .
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@252 af5c991a-1414-0410-86ad-c3437102cd4a

commit 629422088a7321a305201fcfc71d164c7cda3584
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jul 11 04:46:33 2005 +0000

    added snortspoof.pl
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@251 af5c991a-1414-0410-86ad-c3437102cd4a

commit 95157836a930324ddbc1c309b94df270e6e1e1e3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jul 11 03:30:23 2005 +0000

    updated to 8 byte ICMP header
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@250 af5c991a-1414-0410-86ad-c3437102cd4a

commit d097898656a961959cdac5dfdf92d787df193ae5
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jul 11 01:37:56 2005 +0000

    moved --ipt-list and --ipt-flush handlers before archive()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@249 af5c991a-1414-0410-86ad-c3437102cd4a

commit 84d013e32065b98d1199547fd488c612d27f73a3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jul 11 01:37:30 2005 +0000

    minor sids->sid update
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@248 af5c991a-1414-0410-86ad-c3437102cd4a

commit 37b01b9ca508838c135806cd2640d98c50830f66
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 9 18:52:08 2005 +0000

    minor bugfix to remove extra content-list hash entry
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@247 af5c991a-1414-0410-86ad-c3437102cd4a

commit c0d9ee0197cffbc4ef3510609ebab8182156edc8
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 9 14:49:26 2005 +0000

    updated --ipt-apply argument to just execute fwsnort.sh
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@246 af5c991a-1414-0410-86ad-c3437102cd4a

commit eb33fb018f27e7fdba506c41f18728a53ddb043a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 9 04:02:11 2005 +0000

    DRP and REJ strings
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@245 af5c991a-1414-0410-86ad-c3437102cd4a

commit 40268825cbb105302e0561110a7f2655284d5e8f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 9 03:49:24 2005 +0000

    updated to add action to logging prefix if --ipt-drop or --ipt-reject is used
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@244 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5d539fdaa67d38cdb7ca27b9f3ffcfe64a73ec0f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 9 03:48:52 2005 +0000

    updated man page
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@243 af5c991a-1414-0410-86ad-c3437102cd4a

commit ada679daf5fc794f1c6e6afc64bcac6cf88d8c4b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 9 03:48:42 2005 +0000

    l7 usage
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@242 af5c991a-1414-0410-86ad-c3437102cd4a

commit e8353043aa293dcb07e0044a90691daa9dcc3137
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 9 03:48:29 2005 +0000

    added patch to extend packet search length from 1024 to 2048 bytes (longer than Ethernet MTU
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@241 af5c991a-1414-0410-86ad-c3437102cd4a

commit 648fec6fcb210772d16cf0117bc1fa7d33af9a73
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jul 8 03:20:18 2005 +0000

    .
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@240 af5c991a-1414-0410-86ad-c3437102cd4a

commit 46087256856514fdedd8e1efcea7ed8d21725e03
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jul 8 03:08:48 2005 +0000

    updated to allow list of interfaces to restrict jump rules to
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@239 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2ee610c92da7dc5adb607517032c08ff6b72f834
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jul 8 01:39:45 2005 +0000

    bugfix for excluding the loopback interface
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@238 af5c991a-1414-0410-86ad-c3437102cd4a

commit 78a12cd91a68b2e150b7e4d38d7ef22ec84db379
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Jul 7 02:42:51 2005 +0000

    updated stdout output in --snort-sids mode
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@237 af5c991a-1414-0410-86ad-c3437102cd4a

commit 229f689540723b68f11e61243476e3b639496979
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Jul 6 23:33:17 2005 +0000

    --snort-sids list support
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@236 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5ba006b678960780dbc8671e7fd4ffa0849422b3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Jul 6 23:31:13 2005 +0000

    bugfix for Rules added counter, added support for multiple sids in --snort-sids, added --exclude-sids option
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@235 af5c991a-1414-0410-86ad-c3437102cd4a

commit 04b7571ad604e15f3f64f9c6311cad752e294b6b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jul 5 02:05:11 2005 +0000

    added string_replace_kernel.patch
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@234 af5c991a-1414-0410-86ad-c3437102cd4a

commit d1e2b631cbc51890d61dc271944eb60195210d54
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jul 5 02:04:56 2005 +0000

    moved to patches/ directory
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@233 af5c991a-1414-0410-86ad-c3437102cd4a

commit b15985658fc26ffe4b0c990ec690ebd38d30ac17
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jul 1 19:11:48 2005 +0000

    updated comment wording
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@232 af5c991a-1414-0410-86ad-c3437102cd4a

commit 0f7053e241e09e1af0d087ea9e8cfa2f1ac9be91
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jul 1 17:22:22 2005 +0000

    added --no-exclude-lo, the default is now to exclude the loopback interface from fwsnort processing
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@231 af5c991a-1414-0410-86ad-c3437102cd4a

commit 1d7a64cfc9e9004ce5e5990e5de1b33ef3c91134
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jul 1 16:55:23 2005 +0000

    -Added --ipt-list to list rules in fwsnort chains.
    -Finished --ipt-flush code.
    -Updated to use chain names from keywords defined in fwsnort.conf.
    -Update usage().
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@230 af5c991a-1414-0410-86ad-c3437102cd4a

commit 72547df92ec08cb20a9e90ad49e047a0fcdbf58c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jul 1 16:48:25 2005 +0000

    added added chain keywords
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@229 af5c991a-1414-0410-86ad-c3437102cd4a

commit a6e4cb1c2249601480f782732caabdd06b9b9d40
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jul 1 14:30:05 2005 +0000

    added conntrack patches
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@228 af5c991a-1414-0410-86ad-c3437102cd4a

commit af2cd657aa983f396b28b1c933653fb7d064779d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jul 1 14:29:38 2005 +0000

    .
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@227 af5c991a-1414-0410-86ad-c3437102cd4a

commit b63493ba020d010e14ccdd1898754de2be0efcf4
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jul 1 03:50:30 2005 +0000

    added linux-2.4.4_conntrack.patch
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@226 af5c991a-1414-0410-86ad-c3437102cd4a

commit c8735e799771461ba6b997322b2c5d91c69b9f05
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Jul 1 03:42:16 2005 +0000

    Initial revision
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@223 af5c991a-1414-0410-86ad-c3437102cd4a

commit 3dfdb54bee12e1eff83b5833f01816655ffbe4a3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Jun 30 16:09:03 2005 +0000

    updated preservation code to remove interfaces from old configs
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@221 af5c991a-1414-0410-86ad-c3437102cd4a

commit 7a4ad3b022bbcec22d2058b3c1d2c1d697fa8626
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Jun 30 15:45:11 2005 +0000

    bugfix for rules added counter, bugfix for inappropriate protocol mapping based on src/dst ports
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@220 af5c991a-1414-0410-86ad-c3437102cd4a

commit f3695e697ce851a5eb0433f9e8146b2725713a4c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Jun 30 02:36:50 2005 +0000

    bugfix for missing space in src/dst iptables args
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@219 af5c991a-1414-0410-86ad-c3437102cd4a

commit 7f68e6446cef1360b0c8f738f67f67d45ae8673a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Jun 30 02:31:18 2005 +0000

    finished is_local() function, added --no-addresses option, started on --ipt-flush
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@218 af5c991a-1414-0410-86ad-c3437102cd4a

commit 3fc7c5c0dd7c6c5f72a66e008d69b4e93ae1c5f8
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jun 28 02:42:15 2005 +0000

    .
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@217 af5c991a-1414-0410-86ad-c3437102cd4a

commit c3b31f373d02dc029bbb78181bda8be8d91ca32b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 27 04:13:54 2005 +0000

    added test for --replace-string support
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@216 af5c991a-1414-0410-86ad-c3437102cd4a

commit 342ff00f79d9080afb0a81c39bb3d48f065f2266
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 27 04:07:42 2005 +0000

    added support for the Snort_inline replace option
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@215 af5c991a-1414-0410-86ad-c3437102cd4a

commit 11fcfdb3319afece7f0242d17cfbe22790a2318b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 27 03:07:01 2005 +0000

    added list processing support for --include-types and --exclude-types
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@214 af5c991a-1414-0410-86ad-c3437102cd4a

commit 0f1367a7dccf576aba4cd99b75e30ee80b8cf593
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 27 02:45:25 2005 +0000

    0.8.0 stuff
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@213 af5c991a-1414-0410-86ad-c3437102cd4a

commit cadaf91e78ff767fc348bc413822aee4f445dd23
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 27 02:44:13 2005 +0000

    length bugfix, non-tcp/udp protocol and port number bugfix
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@212 af5c991a-1414-0410-86ad-c3437102cd4a

commit a8b3b6f3050a5b3e6097a91be2df40b9924b6f0b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 27 02:25:13 2005 +0000

    bugfix for icmp-type order, bugfix for src/dst ports in non-tcp/udp protocol match
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@211 af5c991a-1414-0410-86ad-c3437102cd4a

commit e6f08e7724f02c103c179bee790544d9baa44b6e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 27 02:08:13 2005 +0000

    bugfix for negated networks
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@210 af5c991a-1414-0410-86ad-c3437102cd4a

commit ff215b0cde3cce49b6cb1180cd4d5828dfaa772f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 27 02:02:37 2005 +0000

    added average packet header length vars for Netfilter length match emulation of dsize option
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@209 af5c991a-1414-0410-86ad-c3437102cd4a

commit 887d16e6b7db7e3f91c2187c636b1c013e708b29
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 27 02:02:02 2005 +0000

    made use of Netfiler length match to emulate dsize Snort option, added negation tests for source and destination IP addresses
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@208 af5c991a-1414-0410-86ad-c3437102cd4a

commit e2630eacd35dd2c1a8c07e6fc4022ba58ea042da
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jun 26 19:49:21 2005 +0000

    added command line args output to fwsnort.sh
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@207 af5c991a-1414-0410-86ad-c3437102cd4a

commit 29d570f716c44e6a38bd1a8c7299c22c0e2b2218
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jun 26 19:43:45 2005 +0000

    Added --snort-conf to read variables out of an existing snort.conf file, fixed up usage()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@206 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2626c3c36ad82ddd64ba50fcd613eb18f7cebd80
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jun 26 19:18:05 2005 +0000

    bugfix for not excluding rules that contain ip_proto with a < or > char
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@205 af5c991a-1414-0410-86ad-c3437102cd4a

commit 7d1c417e108575cbf1fd809e5811ca8a0a683c0b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jun 26 18:17:29 2005 +0000

    more 0.8.0 stuff
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@204 af5c991a-1414-0410-86ad-c3437102cd4a

commit 7b2bd430ad60a791cf6dcdc954d2924a0a7c528b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jun 26 18:15:35 2005 +0000

    updated to handle icmp type/code rules, added rule counter in fwsnort.sh script
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@203 af5c991a-1414-0410-86ad-c3437102cd4a

commit ecf1e98f5c05a27f9217a88c6dfa2f4b6cc28961
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jun 25 18:06:57 2005 +0000

    added exclusion for loopback traffic logged via the loopback interface
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@202 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5df34daee5136d7180a18d52121694ccd999f6c6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jun 25 17:59:02 2005 +0000

    added the ability to restrict Netfilter rules to a specified intefaces, added ability to remove INPUT, OUTPUT, or FORWARD processing
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@201 af5c991a-1414-0410-86ad-c3437102cd4a

commit dc5cbdbd436722bfb86beff7032858c236954606
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jun 25 17:37:33 2005 +0000

    added --no-ipt-conntrack command line option, added check for Netfilter conntrack match
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@200 af5c991a-1414-0410-86ad-c3437102cd4a

commit b8266f18de3c4b69969c1f104f42880e559a6bd0
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jun 25 16:18:38 2005 +0000

    removed interface variables for the fwsnort chain restructuring, fwsnort now supports Snort header variable resolution
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@199 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2c6131d2bc518468049deff51fa6ea37625aed14
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jun 25 16:17:55 2005 +0000

    minor path update
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@198 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5f78db8a422c32c402b09a75cbe7792350a94e8c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jun 25 16:17:38 2005 +0000

    complete chain restructuring (see ChangeLog)
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@197 af5c991a-1414-0410-86ad-c3437102cd4a

commit b44c08a903b0ee7bd148343ce3e0e1e3fa6ce67a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Jun 22 04:18:46 2005 +0000

    moved iptables options into snort_opts hash
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@196 af5c991a-1414-0410-86ad-c3437102cd4a

commit 751f02e82a25aedb692f630d7c4a2ff582885e11
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Jun 22 02:41:33 2005 +0000

    started separating Snort rule header options and iptables mapping hash
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@195 af5c991a-1414-0410-86ad-c3437102cd4a

commit e4452fa20f587e329d245b1fd0f2b8621b7ec955
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 20 04:02:39 2005 +0000

    -IP options bugfix to match the ipopts Snort option (several arguments are
     not supported by the ipv4options extension).
    -Added IP protocol support in the translation of the Snort rule header.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@194 af5c991a-1414-0410-86ad-c3437102cd4a

commit ec9bb51c79e26ca815cd87d71fd63aad0567ec84
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 6 03:10:01 2005 +0000

    update Copyright date
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@192 af5c991a-1414-0410-86ad-c3437102cd4a

commit a1ea57b7bb4af6638202d0569f2bdd3019b126eb
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Jun 6 03:09:06 2005 +0000

    version 0.7.0
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@191 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4a94634bb58aa2e0527daeaa57fdee788a950ccf
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jun 5 15:27:28 2005 +0000

    - Added support for the "resp" keyword to allow it to drive the
      Netfilter argument to the REJECT target.
    - Added "pcre" to the unsupported list... this knocks the fwsnort
      translation rate down to about 50% for Snort-2.3 rules (pcre is
      heavily utilized).
    - Added "priority" and "rev" to comment lines.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@189 af5c991a-1414-0410-86ad-c3437102cd4a

commit afa1a207bf8c0360fa0c832eecd5226f2f36a979
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jun 5 02:09:53 2005 +0000

    0.6.6
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@187 af5c991a-1414-0410-86ad-c3437102cd4a

commit bb34295908c1ae204b7342f7258e1aa8417ee1f3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jun 5 02:09:03 2005 +0000

    added support for the pass and log actions in Snort rules, added general support for the ULOG target
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@186 af5c991a-1414-0410-86ad-c3437102cd4a

commit 807d1eb811c123e5ffe44843b8cce8c0b85badd5
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Mar 20 20:50:24 2005 +0000

    bleedingsnort vs. snort.org update
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@183 af5c991a-1414-0410-86ad-c3437102cd4a

commit c2d8848cbf4ef36c0221692ecb128eac99c0c77b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Mar 20 19:22:07 2005 +0000

    - Updated to not attempt to download Snort rules from snort.org
      because the rules are no longer available for automatic downloads
    - Changed the install.pl script and the --update-rules mode for
      fwsnort to download the latest signature set from
      http://www.bleedingsnort.com/.
      (Snort.org is now offering pay-service around their rule sets).
    - Added signature test for the "flowbits" keyword.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@182 af5c991a-1414-0410-86ad-c3437102cd4a

commit 605ddb158c5ed448b5baf8b10a7c8f92a5c18f77
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Dec 19 03:22:47 2004 +0000

    .
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@181 af5c991a-1414-0410-86ad-c3437102cd4a

commit 9cf7c7b921f3a6be631cdcccd43183483edbe812
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Dec 19 02:50:50 2004 +0000

    incremented version to 0.6.4
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@179 af5c991a-1414-0410-86ad-c3437102cd4a

commit 8c76af7d6c16e463cc8a09042f7723000eaa886a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Dec 19 02:49:50 2004 +0000

    .
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@178 af5c991a-1414-0410-86ad-c3437102cd4a

commit 9a12f19dd6f7cca358d6f75eaccefe53fe38cd02
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Dec 19 02:47:10 2004 +0000

    added --replace-string patches
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@177 af5c991a-1414-0410-86ad-c3437102cd4a

commit daeed72c5f7fcd10751a2c6a458f6627e164b60a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Dec 19 02:46:43 2004 +0000

    updated docs
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@176 af5c991a-1414-0410-86ad-c3437102cd4a

commit 671c7d1e1fa61c5247f7bebcf30ea9a4b67b349b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Dec 19 01:59:16 2004 +0000

    updated to Snort-2.3 rules
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@175 af5c991a-1414-0410-86ad-c3437102cd4a

commit 169b54e3be159b98da761c099b2587385c822a61
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Dec 19 01:58:00 2004 +0000

    updated to standard logging prefixes [+], [-], and [*]
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@174 af5c991a-1414-0410-86ad-c3437102cd4a

commit 3938eb7b0fd53116e35d9a7fa0e05de872651373
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Dec 19 01:39:21 2004 +0000

    added flowbits
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@173 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6a458c25c116658b0039b753fa34346df68ee606
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Dec 19 01:37:52 2004 +0000

    updated to new rules download link on www.snort.org
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@172 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6dbfd2bf0d7483dfd6697c6755f739f3a2abe9d9
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Nov 13 03:04:59 2004 +0000

    Added TODO
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@171 af5c991a-1414-0410-86ad-c3437102cd4a

commit 24d5344e4a2490946f1734b60deb549cec1a86c1
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Nov 13 03:04:18 2004 +0000

    generic language support for ifconfig output
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@170 af5c991a-1414-0410-86ad-c3437102cd4a

commit eec528ae27a15f71da13f4f1f6cdd6979993ab57
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 4 22:58:46 2004 +0000

    added 0.6.3 stuff
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@168 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5eec4abdf04afd4f038c99df5c09e6434df20d59
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 4 22:43:32 2004 +0000

    replace --ipt-block with --ipt-reject and --ipt-drop
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@167 af5c991a-1414-0410-86ad-c3437102cd4a

commit 3d5814a437f21630ff86e9a8c900553dff187dd5
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 4 21:59:49 2004 +0000

    added IGNOREIP and IGNORENET
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@166 af5c991a-1414-0410-86ad-c3437102cd4a

commit 829750df26ee560661964c534c9c31d1124ae86f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 4 21:59:21 2004 +0000

    added ignore functionality for both IPs and networks
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@165 af5c991a-1414-0410-86ad-c3437102cd4a

commit fb414f6197a42d405e13c965da2c22b5fa76137d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Apr 3 03:54:42 2004 +0000

    split --ipt-block into --ipt-drop and --ipt-reject, added --add-deleted option
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@164 af5c991a-1414-0410-86ad-c3437102cd4a

commit f08e81a46d387ae5a9597167ee9a2a0c75bff297
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 20 17:08:41 2004 +0000

    minor bugfix for usage()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@162 af5c991a-1414-0410-86ad-c3437102cd4a

commit e636a16f65b6fb6bb36efdaadc492b5a367f4f0a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 19 03:20:50 2004 +0000

    added 0.6.2 stuff
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@160 af5c991a-1414-0410-86ad-c3437102cd4a

commit 33b2ce349598dfcd5bda9633c52a658ffbec452a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 19 03:18:25 2004 +0000

    added Ahmad Almulhem
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@159 af5c991a-1414-0410-86ad-c3437102cd4a

commit fadf14ed120a0922da6ae7bad0b9a9c14a0b206d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 19 03:13:28 2004 +0000

    more verbose explanations
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@158 af5c991a-1414-0410-86ad-c3437102cd4a

commit c14c4d449f93d8cd54e657a8c056ce28448f0536
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 19 03:13:10 2004 +0000

    added icmp-port-unreachable for udp rejects, added --internal-net and --dmz-net options
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@157 af5c991a-1414-0410-86ad-c3437102cd4a

commit 0f531cd2c36e8f454f3942a7c4fabb007e8ad2be
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 19 03:12:21 2004 +0000

    version 0.6.2
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@156 af5c991a-1414-0410-86ad-c3437102cd4a

commit 99a37e109e11e7191957d8a250dfba75ee94b548
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 19 02:53:52 2004 +0000

    added --internal-net and --dmz-net
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@155 af5c991a-1414-0410-86ad-c3437102cd4a

commit c3ce771fd41184a73b79816bd854b52e9ddadc1b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Feb 1 13:28:00 2004 +0000

    updated to 0.6.1 stuff
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@153 af5c991a-1414-0410-86ad-c3437102cd4a

commit c97932b4f5742aae2b5ef9c2d7b078c3212744a3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Feb 1 13:22:49 2004 +0000

    updated to version 0.6.1
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@151 af5c991a-1414-0410-86ad-c3437102cd4a

commit e060bbb3cda226612fc884db4b2f3bb658e40ae2
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jan 11 19:06:06 2004 +0000

    bugfix for not adding dmz interface rules to INPUT chain
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@149 af5c991a-1414-0410-86ad-c3437102cd4a

commit a05a8981a2880f280166150a795aa62885468b8a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Jan 6 04:27:42 2004 +0000

    bugfix for not getting the DMZ interface network
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@148 af5c991a-1414-0410-86ad-c3437102cd4a

commit 337d2169a32e1a5761ff410708fdb2dde4a0ed8e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jan 4 06:28:56 2004 +0000

    added Paul O., more stuff for Thomas B.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@146 af5c991a-1414-0410-86ad-c3437102cd4a

commit d1fcaf21934995c1443bb6bb68d1a86ef910d3f7
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jan 4 06:27:01 2004 +0000

    minor help updates for ipt_script
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@145 af5c991a-1414-0410-86ad-c3437102cd4a

commit dba971ca15a587260a147cc126ae51aaeeb9e8a2
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jan 4 06:19:35 2004 +0000

    incremented version to 0.6
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@144 af5c991a-1414-0410-86ad-c3437102cd4a

commit c19c43669f7f96042a64f91d9ecf606a1113ef79
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jan 4 06:18:09 2004 +0000

    added 0.6 stuff
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@143 af5c991a-1414-0410-86ad-c3437102cd4a

commit 63a2eaa83751c6bd656cba06a2cc1628b280f1ce
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jan 4 05:54:54 2004 +0000

    -Added check for multiple ip_proto fields.
    -Removed "ip" as a protocol that can be translated.
    -Truncate logfile at startup (it is really just a parsing log).
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@142 af5c991a-1414-0410-86ad-c3437102cd4a

commit 10ba530c81a7148ded425c849878d490efec3a15
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jan 4 05:27:44 2004 +0000

    bugfix for negated dst port
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@141 af5c991a-1414-0410-86ad-c3437102cd4a

commit 219895c2cab039e7c0a1926cc3fa96423a351749
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jan 4 05:24:43 2004 +0000

    bugfix for negated src/dst ports
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@140 af5c991a-1414-0410-86ad-c3437102cd4a

commit 488b219fb6c81aadedc0180ca0867136d479793f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jan 4 01:25:56 2004 +0000

    -Made only a single call to write_ipt_script() to reduce disk accesses.
    -Bugfix for protocols that contain non-word chars (such as ">").
    -Added regex for ip addresses.
    -Removed "<-" direction parsing for rule header since snort does not
     even support this.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@139 af5c991a-1414-0410-86ad-c3437102cd4a

commit 12bd9d8341290d51ec90f9815ff02b414f8f8b56
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Jan 4 00:51:12 2004 +0000

    bugfix for existing downloaded_snort_rule directory
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@138 af5c991a-1414-0410-86ad-c3437102cd4a

commit c26266aa35f008083e721ce252b78b4a5db88c1d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Dec 31 01:27:21 2003 +0000

    bugfix for dmz interface
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@137 af5c991a-1414-0410-86ad-c3437102cd4a

commit 8b0d1b9844bd426c5a6d1d60f1114209871a53e6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Dec 31 01:26:07 2003 +0000

    added tar command path
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@136 af5c991a-1414-0410-86ad-c3437102cd4a

commit bef1f5757309c595cda3064e9fbe9a8d698d0e6c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Dec 20 18:08:18 2003 +0000

    incremented to version 0.5
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@134 af5c991a-1414-0410-86ad-c3437102cd4a

commit 38adcea990c0be1fc9fc206fba2b192f360c1491
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Dec 20 17:58:55 2003 +0000

    added test for iptables ttl extension
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@133 af5c991a-1414-0410-86ad-c3437102cd4a

commit da54cd79e614d4605026969f4269314d47a67870
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Dec 20 17:43:43 2003 +0000

    removed Data::Dumper
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@132 af5c991a-1414-0410-86ad-c3437102cd4a

commit 898494ceb8d0c1e63a924752acd8576552ca7c88
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Dec 20 17:40:56 2003 +0000

    updated to snort-2.1 rules
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@131 af5c991a-1414-0410-86ad-c3437102cd4a

commit 42cf017858cf43582aa30384ceef091e869507c1
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Dec 20 17:38:34 2003 +0000

    updated to 0.2
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@130 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2990237338ac13e4af16936d6123eb9097b35087
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Dec 20 17:38:03 2003 +0000

    added preserve_config() from psad
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@129 af5c991a-1414-0410-86ad-c3437102cd4a

commit 57d5fb8a05c07abe8d71e4a758bd8a9a0f234091
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Dec 20 17:37:09 2003 +0000

    added tar and wget commands
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@128 af5c991a-1414-0410-86ad-c3437102cd4a

commit d05a1d58d23d7455ca488434117af49363f23c94
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Dec 20 17:36:50 2003 +0000

    added 0.2 options
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@127 af5c991a-1414-0410-86ad-c3437102cd4a

commit fc1d5e3b1fb9eb02b232b0b6aabd2057a0cc839f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Dec 20 17:36:27 2003 +0000

    more stuff for 0.2
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@126 af5c991a-1414-0410-86ad-c3437102cd4a

commit 19284846d21ea69fdd779f466d81514f52022e83
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Dec 20 17:33:30 2003 +0000

    more stuff for Thomas Bullinger
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@125 af5c991a-1414-0410-86ad-c3437102cd4a

commit 35db584b8f4879a8480af5b375debf851689c064
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Dec 20 06:03:16 2003 +0000

    added text on hex string patch being accepted by iptables maintainers
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@124 af5c991a-1414-0410-86ad-c3437102cd4a

commit 15e4f9640d0276775f5e25b7a0b9690696c975ee
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Dec 20 00:21:20 2003 +0000

    -Added --update-rules option to download latest rules from snort.org.
    -Properly handle icmp protocol now ("Undefined code" sigs are ignored, and
     icmp protocol rules are now no longer automatically included within
     fwsnort.sh).
    -Added REJECT tcp-reset support for tcp sessions that are to be blocked.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@123 af5c991a-1414-0410-86ad-c3437102cd4a

commit e106aa428019ef11d00f3d64c08290bd7f49f29c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Dec 19 04:49:33 2003 +0000

    -Added installation prefix of /usr/lib/fwsnort for perl modules.
    -Added the ability to download latest snort rules from http://www.snort.org
    -Added check_commands().
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@122 af5c991a-1414-0410-86ad-c3437102cd4a

commit c61d70076c33635ecf1cb9cfbdfb987db65ba2e4
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Dec 18 06:19:23 2003 +0000

    added VERSION file
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@121 af5c991a-1414-0410-86ad-c3437102cd4a

commit bdfd49b0a654e43d4315745dd796fb514075bd95
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Dec 18 06:18:33 2003 +0000

    added snort_opts.pl
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@120 af5c991a-1414-0410-86ad-c3437102cd4a

commit c94fcdc23c452ba26b6e81603ba48528ce73a831
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Dec 18 05:52:46 2003 +0000

    added --no-ipt-jumps (Thomas Bullinger)
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@119 af5c991a-1414-0410-86ad-c3437102cd4a

commit 19dd34519d05a7e836129686fcf765275c403077
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Dec 18 05:45:43 2003 +0000

    added ChangeLog
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@118 af5c991a-1414-0410-86ad-c3437102cd4a

commit 669a757263080783c113ee69a1a94f7dcbdb11cf
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Dec 18 01:34:58 2003 +0000

    removed newlines from logr() and write_ipt_script() calls
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@117 af5c991a-1414-0410-86ad-c3437102cd4a

commit 35fb6372203db87cbc54c4697c85d4f8c1d341c0
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Dec 18 01:23:18 2003 +0000

    added in psad in SEE ALSO section psad.8
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@116 af5c991a-1414-0410-86ad-c3437102cd4a

commit 165328ba180fad4459e9a7e0d58ce17cbad8ead0
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Dec 18 01:22:36 2003 +0000

    added write_ipt_script() for iptables script statements
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@115 af5c991a-1414-0410-86ad-c3437102cd4a

commit 725ac1a2786ecaab33cb0bfe4a4dc7bb4c7b91e6
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Oct 19 13:52:19 2003 +0000

    added the CREDITS file
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@114 af5c991a-1414-0410-86ad-c3437102cd4a

commit 15a24e1f8694aaf7ef9dd781b4fbfd8b602c8f60
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Sep 28 14:23:41 2003 +0000

    comment testing
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@113 af5c991a-1414-0410-86ad-c3437102cd4a

commit 54d3d9f312b103baee370074b12206ae99a9d003
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Sep 21 19:33:53 2003 +0000

    re-ordered options hashes
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@112 af5c991a-1414-0410-86ad-c3437102cd4a

commit d9b648568628d70fecfff21b4d22209e11079f62
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 26 22:07:16 2003 +0000

    bugfix for number of args to logr()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@111 af5c991a-1414-0410-86ad-c3437102cd4a

commit 26f1eea59bb539227103d925b35549992cfb6262
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 26 22:06:59 2003 +0000

    minor install text change
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@110 af5c991a-1414-0410-86ad-c3437102cd4a

commit 3ce905b84005ce6c3275302071d38944e280f088
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 26 20:49:42 2003 +0000

    updated to cipherdyne.org, removed version numbers from directories in perl modules
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@109 af5c991a-1414-0410-86ad-c3437102cd4a

commit 46e097ba4147c0711118dec578f4a2a963d85b5f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Jul 26 20:22:03 2003 +0000

    Initial revision
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@105 af5c991a-1414-0410-86ad-c3437102cd4a

commit 811458d0a945c314a98d9410da4ffcf388c197bb
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Apr 25 05:55:34 2003 +0000

    bugfix for being too strict on rule filenames
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@103 af5c991a-1414-0410-86ad-c3437102cd4a

commit fbd0ea5bb644a97fa0ef46f67e1a2b3aed9e5c1a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Apr 25 04:56:57 2003 +0000

    allowed leading whitespace in snort rules
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@102 af5c991a-1414-0410-86ad-c3437102cd4a

commit ae2e3b8dbf0d715f92127335e2a5269a383af2f9
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Apr 25 03:49:20 2003 +0000

    added overall totals
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@101 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2372497fcd84538cd3b27ab2b74a50d42782a1b4
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Apr 25 02:26:40 2003 +0000

    updated to snort 2.0 rules, added flow, byte_test, byte_jump, etc keywords
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@100 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5b3ca15d9575a34f4688dd3388e9ea4bafb7da14
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Apr 25 01:26:00 2003 +0000

    updated to snort 2.0 rules
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@99 af5c991a-1414-0410-86ad-c3437102cd4a

commit 9f36adfe293bfb453688cca998dc924e40af5386
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Apr 21 01:52:14 2003 +0000

    bug fix for internal == external interfaces
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@98 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5454a9399f90e6a70847f3a1b9ce5b4f445c576a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Apr 21 01:45:20 2003 +0000

    bug fix for INTERNAL_INTF == EXTERNAL_INTF
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@97 af5c991a-1414-0410-86ad-c3437102cd4a

commit 27c49f848371d76d98938dac938c4b158bfc3018
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Apr 21 01:45:02 2003 +0000

    added defined check for INTERNAL_INTF
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@96 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2b0249e085a39f159d61b391b35475256b54227a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Apr 21 01:40:00 2003 +0000

    minor comment fix in ipt_test()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@95 af5c991a-1414-0410-86ad-c3437102cd4a

commit 735a18e5945ee80b631c47d2bb9b947fa4162a63
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Apr 21 01:37:41 2003 +0000

    bugfix for not handling identical external and internal interfaces
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@94 af5c991a-1414-0410-86ad-c3437102cd4a

commit 1d988e59b6360c902d76f0d72451217a3a523607
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 20 21:33:56 2003 +0000

    updated to /etc/fwsnort/snort_rules
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@92 af5c991a-1414-0410-86ad-c3437102cd4a

commit 55b462a4b3bd46fe28d85dd790494f100acbc81e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 20 20:51:46 2003 +0000

    handled back tics in content field
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@91 af5c991a-1414-0410-86ad-c3437102cd4a

commit bd130564a0db75112a2eb5b0653c08d74f338cb9
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 20 18:33:56 2003 +0000

    updated to /etc/fwsnort/snort_rules
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@90 af5c991a-1414-0410-86ad-c3437102cd4a

commit f6b724c862e50f423fff4dc0873cfc01a96b15ec
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Apr 19 01:12:33 2003 +0000

    minor fixes
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@89 af5c991a-1414-0410-86ad-c3437102cd4a

commit fc99315349004cd5ff4063de1c6c18bdba7f1481
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Apr 19 00:45:50 2003 +0000

    updated to NULL string handling in parse_hex_string
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@88 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2371caa2995e3a02e7d942ad983f0e0268a2bee9
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Apr 19 00:24:43 2003 +0000

    fixed null chars in --hex-strings within iptables directly
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@87 af5c991a-1414-0410-86ad-c3437102cd4a

commit f9fed0225fb59ae6f8cf53d023f20eb7daccc779
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Apr 17 05:23:54 2003 +0000

    added --hex-string discussion
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@86 af5c991a-1414-0410-86ad-c3437102cd4a

commit 165b80035c8ab19b91e794a8434be82866ffb978
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Apr 17 05:17:20 2003 +0000

    added config section for iptables script
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@85 af5c991a-1414-0410-86ad-c3437102cd4a

commit deda6763b12f3d1c7f48d52b7abbad9b09443621
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Apr 17 05:03:04 2003 +0000

    more docs updates
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@84 af5c991a-1414-0410-86ad-c3437102cd4a

commit 12558c1a16208bd11596c035910dc821b589df37
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Apr 17 04:45:33 2003 +0000

    added check for NULL chars in hex content, added sids to logfile
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@83 af5c991a-1414-0410-86ad-c3437102cd4a

commit d599d000533557facdd1d11ff09a52f3b8931485
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Apr 17 04:45:12 2003 +0000

    added DESCRIPTION section
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@82 af5c991a-1414-0410-86ad-c3437102cd4a

commit b972dce7e3d8023034fedb2c41c8c2e45d0f383b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Apr 17 04:16:37 2003 +0000

    added echo command
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@81 af5c991a-1414-0410-86ad-c3437102cd4a

commit 88c031d16e5d93eb7f5450105892876fecc64a3a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Apr 17 04:03:04 2003 +0000

    more docs updates
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@80 af5c991a-1414-0410-86ad-c3437102cd4a

commit fd3c61ca0146aeeea9ffb29c3cd6e2ec8881b6dd
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Apr 17 02:17:37 2003 +0000

    Added --hex-string patch discussion section
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@79 af5c991a-1414-0410-86ad-c3437102cd4a

commit bf57fa8c4f4e9f17ba8d3de8b0ca536e08c15735
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Apr 17 00:46:01 2003 +0000

    added help for --hex-string
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@78 af5c991a-1414-0410-86ad-c3437102cd4a

commit dede85b797b5cefe28d313385a464b62bbe479bc
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 16 22:09:07 2003 +0000

    added hex-string patch file
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@77 af5c991a-1414-0410-86ad-c3437102cd4a

commit 074c1f6daea06642294da18c96c3186cb829cba3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 16 18:22:25 2003 +0000

    added preliminary README
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@76 af5c991a-1414-0410-86ad-c3437102cd4a

commit a75c4a8541d409cc78f09443c5b11717a092b337
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 16 05:09:07 2003 +0000

    added hex-string patch file
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@75 af5c991a-1414-0410-86ad-c3437102cd4a

commit de219a9d36a9fd4fb97d7a5d677a31a5a9e4f8ae
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 16 04:32:28 2003 +0000

    better Copying statement for snort rules files
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@74 af5c991a-1414-0410-86ad-c3437102cd4a

commit fc8df430ec6289d7197535bfcb3249b515f2f82b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 16 03:26:30 2003 +0000

    added install_manpage()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@73 af5c991a-1414-0410-86ad-c3437102cd4a

commit 651085cff3a04d5b25679d3efab4655fd0f3e68a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 16 02:39:10 2003 +0000

    added INSTALL file
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@72 af5c991a-1414-0410-86ad-c3437102cd4a

commit a4858d12c550fac02e21a88d9064871860d6747d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 16 02:15:17 2003 +0000

    updated all --fw options to --ipt options
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@71 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6da1b290932a32f970ed1d6308df7f5735e54c4b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 16 02:14:50 2003 +0000

    Added the fwsnort.8 man page
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@70 af5c991a-1414-0410-86ad-c3437102cd4a

commit 76c297d05b095f8c860603d9208989f51124ab5d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Apr 15 04:28:46 2003 +0000

    added ipt_test()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@69 af5c991a-1414-0410-86ad-c3437102cd4a

commit ae386986a35521c3ed8fdd3cd854d9bb495c5bef
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Apr 15 00:54:08 2003 +0000

    added usage() text, added license
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@68 af5c991a-1414-0410-86ad-c3437102cd4a

commit 857b884a7950d506f2b949a8d9ad7948b62928ed
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Apr 15 00:42:23 2003 +0000

    updated logfile path
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@67 af5c991a-1414-0410-86ad-c3437102cd4a

commit 0c152ae0933def6fa97b5988b6c3abe3098ae88e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Apr 15 00:33:37 2003 +0000

    updated usage(), added --no-ipt-log option
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@66 af5c991a-1414-0410-86ad-c3437102cd4a

commit 658418924761844c5ef580fbd7afc4c252bd8891
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Apr 14 05:29:05 2003 +0000

    fixed echo statements, better verbose mode
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@65 af5c991a-1414-0410-86ad-c3437102cd4a

commit 7d5c3bf973de9cf6eca9119f9a445fc3386e5a84
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Apr 14 04:43:32 2003 +0000

    counts for applicable iptables rules works
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@64 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5522ac879d6ab36c119c20e86d9c44ce3168b5bd
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Apr 14 03:13:57 2003 +0000

    added install routine for IPTables::Parse
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@63 af5c991a-1414-0410-86ad-c3437102cd4a

commit 57ffe2925b86f2a84d6e1976f78dc3f5b6135841
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Apr 14 03:04:58 2003 +0000

    separated defined test on DMZ_INTF
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@62 af5c991a-1414-0410-86ad-c3437102cd4a

commit 0c5d17674d6e83be52007de04b54b27278b35df3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Apr 14 00:32:21 2003 +0000

    interim commit that adds ipt_allow_traffic()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@61 af5c991a-1414-0410-86ad-c3437102cd4a

commit f8ac1e75237ec6a104dc987c83f780c30afd2a1c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 13 02:12:32 2003 +0000

    fixed directional issue in FORWARD chain
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@60 af5c991a-1414-0410-86ad-c3437102cd4a

commit 9631cddcd3b58659c64aa6f425863a9d0cde73fc
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 13 01:42:32 2003 +0000

    added verbose mode, wrapped FORWARD chain code with interface conditionals
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@59 af5c991a-1414-0410-86ad-c3437102cd4a

commit 44045d025468f955a87b75ece63c54fd634805be
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Apr 13 00:32:21 2003 +0000

    interim commit that adds ipt_allow_traffic()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@58 af5c991a-1414-0410-86ad-c3437102cd4a

commit 68657898f1cef639852e00b98ba0645253219e4f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Thu Apr 3 01:13:08 2003 +0000

    fixed ipopts
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@57 af5c991a-1414-0410-86ad-c3437102cd4a

commit 61c2396018060d98f576aff314ff564779a8eb06
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 2 05:08:48 2003 +0000

    fixed EXTERNAL_NET reference
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@56 af5c991a-1414-0410-86ad-c3437102cd4a

commit a3dda57e7251e3d4b62a033fa1e8e00ee080def5
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 2 04:44:30 2003 +0000

    first stab at handling FORWARD chain rules
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@55 af5c991a-1414-0410-86ad-c3437102cd4a

commit 1ae8cc9540c9230a334ecf128c4d88a8b4adcbb4
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 2 03:35:53 2003 +0000

    updated ipt_jump_chains()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@54 af5c991a-1414-0410-86ad-c3437102cd4a

commit 678d4ed980dc088c3d54f1f906012ab3b7e97e1e
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 2 03:10:04 2003 +0000

    removed NUM_INTERFACES
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@53 af5c991a-1414-0410-86ad-c3437102cd4a

commit b6e761e558c7dc6ab1ac93bdcbaaa01419cf3e66
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Apr 2 02:27:19 2003 +0000

    finished handling of INPUT chains
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@52 af5c991a-1414-0410-86ad-c3437102cd4a

commit 519724e704c57a73846d3854c8d7889d582b5082
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Apr 1 05:02:42 2003 +0000

    cleaned up calls to ipt_build_rule()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@51 af5c991a-1414-0410-86ad-c3437102cd4a

commit 23610707eacc016932d83cf1aa43846ea53ce222
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Apr 1 04:59:06 2003 +0000

    interim commit for source and destination handling
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@50 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6e266261d8e7047e19c94c21429a11eac1a55518
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Apr 1 03:40:03 2003 +0000

    -Added "sameip" to supported options.
    -Reinstated the %fwsnort_chains hash and added build_fwsnort_chains().
    -Split up ipt_build_rule() into ipt_build(), ipt_build_rule(), and
     ipt_build_opts().
    -Removed dependency on NUM_INTERFACES.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@49 af5c991a-1414-0410-86ad-c3437102cd4a

commit 9d48a22982d6bd544cb06b57a9c5f1e573bc0885
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 31 05:56:07 2003 +0000

    added version print
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@48 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4073074e2594ca8c30b90f6012c17c2d31a625f5
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 31 04:49:24 2003 +0000

    added code for snort_sid command line option
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@47 af5c991a-1414-0410-86ad-c3437102cd4a

commit 3f141fb3dca9a2365098002bcc143517aac472db
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 31 03:32:25 2003 +0000

    logfile formatting changes
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@46 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2bd3a96dc7828f02ad42a3d3ca79b454bed8f1f7
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 31 02:30:06 2003 +0000

    standardized on ipt_blah() function names
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@45 af5c991a-1414-0410-86ad-c3437102cd4a

commit 26ebd0c3819ae26713d1964eef4a47f608450d7a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 31 02:18:19 2003 +0000

    updated to include version in snort rules directory
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@44 af5c991a-1414-0410-86ad-c3437102cd4a

commit 641ec918bbd5ceb1935b0d814deb1a8290122773
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Mar 30 21:41:05 2003 +0000

    removed Tie::IxHash
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@43 af5c991a-1414-0410-86ad-c3437102cd4a

commit 77aee7b7453c4db4a2a87b890dfa2ca601bf0546
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Mar 30 20:10:25 2003 +0000

    -Reworked /etc/fwsnort directory structure (simplified it).
    -Added ipt_ruleset_hdr().
    -Added ip key to %intf_net.
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@42 af5c991a-1414-0410-86ad-c3437102cd4a

commit a2c6f577602ce0b66daccddd9f62c3a9a7165e76
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Mar 30 18:18:34 2003 +0000

    added archive()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@41 af5c991a-1414-0410-86ad-c3437102cd4a

commit 30bfd4727f566ef836a42346c8fd0ea41acf056d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Mar 30 05:55:13 2003 +0000

    started making use of logr()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@40 af5c991a-1414-0410-86ad-c3437102cd4a

commit fb581ee891c969ea7dd1dc195212bb1852ff143f
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Mar 30 02:22:32 2003 +0000

    added add_ipt_chains() and jump_chain()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@39 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6de1893957b56d78418611e1d3eabdfe7d0bb738
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 29 18:10:54 2003 +0000

    fixed regex match for ipopts
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@38 af5c991a-1414-0410-86ad-c3437102cd4a

commit 0f2d9e21424f55624b3e8de986be3df441801ed2
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 29 18:04:08 2003 +0000

    -Handle "A+" vs "A" tcp flags.
    -Fixed regex greediness for snort rule fields.
    -Removed "log_only" section of %snort_opts (these fields have
     been put into the "unsupported" section).
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@37 af5c991a-1414-0410-86ad-c3437102cd4a

commit 3d5f929d68650d70ce1c3d70aa3fa40e120d9781
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 29 16:40:42 2003 +0000

    added comments to iptables rule output, removed Tie::IxHash call
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@36 af5c991a-1414-0410-86ad-c3437102cd4a

commit ea3aba12cc42d3a58bc5a053b33f91db15fb15ea
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 29 15:36:38 2003 +0000

    removed commas in log-prefix output
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@35 af5c991a-1414-0410-86ad-c3437102cd4a

commit 4d118bd0b0cdb10cce12a44a014c403755a580ee
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 29 14:54:10 2003 +0000

    added install routine for Tie::IxHash
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@34 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2155c7b53f46b6f06bc141e5d73403b0a68a8acd
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 28 05:48:37 2003 +0000

    added iptables_opts hash to map snort opts to iptables opts
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@33 af5c991a-1414-0410-86ad-c3437102cd4a

commit f6f768515cbe1be63d0be21632283cd6d241ef99
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 28 04:39:56 2003 +0000

    added regex and ipt_opt keys to the snort_opt hash
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@32 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5854ddd6369827f62e8e43142a3c7fe3f6bcc347
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 28 03:20:17 2003 +0000

    replaced the four snort options hash with a single hash
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@31 af5c991a-1414-0410-86ad-c3437102cd4a

commit 0f3adcddc87d5c45997ff138d0c8b900005cd239
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 28 02:19:15 2003 +0000

    -Added a "Snort Rule Options" section to the comment area at the beginning
     of the script.
    -Began completely reworking add_ipt_rule().
    -Removed variable expansion in lines of fwsnort.conf.
    -Added build_port_arr().
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@30 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5f124645783196a07a97292fde02af91e5c930c3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 28 01:20:37 2003 +0000

    removed variable expansion
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@29 af5c991a-1414-0410-86ad-c3437102cd4a

commit eac4846885c19ef6ccb79234699729537fae7b6c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Mar 26 03:15:13 2003 +0000

    minor semicolon fix
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@28 af5c991a-1414-0410-86ad-c3437102cd4a

commit cce2f9d4ae7f41c045b54b075c18474403b8f160
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Mar 25 00:26:30 2003 +0000

    - Added several variables that exist in snort signatures such as
      SMTP_SERVERS, SHELLCODE_PORTS, etc.
    - The ____SERVERS variables default to the internal interface on
      the firewall (similar to the snort defaults of "$HOME_NET").
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@27 af5c991a-1414-0410-86ad-c3437102cd4a

commit 3a126c543b5c95f0b949dcffa3e157cf2527a57b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Tue Mar 25 00:11:40 2003 +0000

    added dump_conf()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@26 af5c991a-1414-0410-86ad-c3437102cd4a

commit 5d36cdff3f23342c18af0edd543d323759ea7d8a
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 24 04:10:00 2003 +0000

    added NUM_INTERFACES and HTTP vars
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@25 af5c991a-1414-0410-86ad-c3437102cd4a

commit 3f53e4218f439197c07393913803c68bb3a3efb3
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 24 01:10:38 2003 +0000

    better interface validation (including NUM_INTERFACES)
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@24 af5c991a-1414-0410-86ad-c3437102cd4a

commit c9eee21d3293e072e6544d1d509c7bd6c6686af1
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 17 20:44:25 2003 +0000

    added VERSION
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@23 af5c991a-1414-0410-86ad-c3437102cd4a

commit 24490beaac23391a44f483cb668b83382eb54031
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 17 19:44:32 2003 +0000

    added LICENSE
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@22 af5c991a-1414-0410-86ad-c3437102cd4a

commit 1df875c5d1777b16fbb1dcda2f06f0942e62ee72
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 17 05:03:01 2003 +0000

    started interpreting the signature source and destination
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@21 af5c991a-1414-0410-86ad-c3437102cd4a

commit 55ac2cc86cd2f31dff5085ba7fcf292324d4535d
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 17 04:52:22 2003 +0000

    reinstated interface command line args
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@20 af5c991a-1414-0410-86ad-c3437102cd4a

commit 53dde6cb68706619093d99d5b4a474ca8ccf55ac
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 17 03:35:23 2003 +0000

    added validateconf() and get_intf_net()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@19 af5c991a-1414-0410-86ad-c3437102cd4a

commit e801e0cca35b41cf57b9ffcf7524a70f8fbe1518
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Mon Mar 17 01:35:39 2003 +0000

    changed to INTERNAL_INTF
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@18 af5c991a-1414-0410-86ad-c3437102cd4a

commit 31bcea4f7fcb5e512778138b5d8648b8056f99fd
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Mar 16 22:18:44 2003 +0000

    Added readconf(), moved commands into fwsnort.conf
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@17 af5c991a-1414-0410-86ad-c3437102cd4a

commit cb338e1734704dd555bc4f1cef5013c7a9d49d61
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Mar 16 22:18:02 2003 +0000

    added install for Net::IPv4Addr
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@16 af5c991a-1414-0410-86ad-c3437102cd4a

commit da99d423d982171d0079fc8e56405e2c2a47fc00
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Mar 16 22:17:33 2003 +0000

    removed INTERNAL_NET and EXTERNAL_NET
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@15 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6e45d9c7de0e0dde0e680366a7507286f5728b09
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 7 22:22:59 2003 +0000

    added the fwsnort.conf config file
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@14 af5c991a-1414-0410-86ad-c3437102cd4a

commit 424d2660fa7271332bd694b004e97aaa86492a06
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 7 05:23:31 2003 +0000

    better reporting format
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@13 af5c991a-1414-0410-86ad-c3437102cd4a

commit 122aa2903346c7f29c8a5f62b05d0864b66afd7b
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Fri Mar 7 04:46:38 2003 +0000

    better logging format
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@12 af5c991a-1414-0410-86ad-c3437102cd4a

commit 9dbb708d4b9ccb575e5c8889fa85ec7ff6e7b164
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Mar 5 05:19:28 2003 +0000

    added some better comments
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@11 af5c991a-1414-0410-86ad-c3437102cd4a

commit 911ab86c4635a63b64546ecc6f7ec8be69e40cfc
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Mar 5 04:35:42 2003 +0000

    added %sopt_log
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@10 af5c991a-1414-0410-86ad-c3437102cd4a

commit e2737299c0e3ddecd18a657aecd173d2a9af3fbf
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Wed Mar 5 03:29:44 2003 +0000

    made several hashes to contain snort vs. iptable filter and log options
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@9 af5c991a-1414-0410-86ad-c3437102cd4a

commit 9638fea25ed8bf1e3d96dc0c7b54db99f299ff0c
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sun Mar 2 05:43:42 2003 +0000

    began parsing rule options
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@8 af5c991a-1414-0410-86ad-c3437102cd4a

commit 116f6e9f8875110771228c249e336072fda6e813
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 1 21:02:02 2003 +0000

    began code to parse snort rules, added parse_rule_hdr()
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@7 af5c991a-1414-0410-86ad-c3437102cd4a

commit 1334995ec3b7d0e740cebee60f90af544b769a89
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 1 19:11:41 2003 +0000

    added the installer
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@6 af5c991a-1414-0410-86ad-c3437102cd4a

commit 6a11250ddba65cfad7b7e053bf477aa56f4c5a22
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 1 17:48:07 2003 +0000

    Initial revision
    
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@3 af5c991a-1414-0410-86ad-c3437102cd4a

commit 2b1d0e8c7a59ef5c25fbe4667b7f98caa6cf7a04
Author: Michael Rash <mbr@cipherdyne.org>
Date:   Sat Mar 1 17:48:07 2003 +0000

    New repository initialized by cvs2svn.
    
    git-svn-id: file:///home/mbr/svn/fwsnort_repos/fwsnort/trunk@2 af5c991a-1414-0410-86ad-c3437102cd4a
