NAME

Parse::Snort::Strict - Parse Snort rules with validation of the rules

DESCRIPTION

Parse Snort rules with validation regarding rule action, protocol and direction. Look at Parse::Snort for more usage detail, as this is a subclass of it.

SYNOPSIS

use Parse::Snort::Strict;
use Try::Tiny;

my $rule = Parse::Snort::Strict->new();
try {
    $rule->parse($text);
}
catch {
    warn "Unable to parse rule: $_";
};

METHODS

action

You can only have the following actions

alert: generate an alert using the selected alert method, and then
log: log the packet
pass: ignore the packet
activate: alert and then turn on another dynamic rule
dynamic: remain idle until activated by an activate rule , then act as a log rule
drop: block and log the packet
reject: block the packet, log it, and then send a TCP reset if the protocol is TCP or an ICMP port unreachable message if the protocol is UDP.
sdrop: block the packet but do not log it.

proto

You can only have the following protocols:

tcp
udp
ip
icmp

direction

You can Only have the following directions

->
<>
<-

To install Parse::Snort, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Parse::Snort

CPAN shell

perl -MCPAN -e shell
install Parse::Snort

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)