Hello,
Oinkmaster v2.0 has been released, get it from
http://oinkmaster.sourceforge.net/
MD5 (oinkmaster-2.0.tar.gz) = d2a1b56f51cf40e919c63206ca4ec8f8
SHA1 (oinkmaster-2.0.tar.gz) = 01a0d774195670a11af5ff3e302773d962b34224
Changes from v1.2:
o Major version bump to celebrate that Oinkmaster has now turned 5
years old!
o When using the -U argument to merge new variables, you can now also
specify -S <file> to specify which files in the downloaded rules
archive(s) to search for new variables. If -S is not specified, only
snort.conf is searched, just like before. As usual, no variable
merge is done unless -U is specified. You may specify multiple
-S <file> arguments to search for variables in multiple files, e.g.
"... -S snort.conf -S foo.conf ...".
o Handle multi-line variable definitions when merging variables.
o Obfuscate the oinkcode when printing URLs, unless running in verbose
mode.
o Added ability to grab rules files from a local directory by
specifying dir://<directory> as URL.
o Suppress warnings about using modifysid on non-existent SIDs when
running in quiet mode.
o Added some modifysid sanity checks
o Added Q33 to the FAQ on how to disable all rules by default and
only activate specific ones, with example how to automatically
update only a few selected rules from Bleeding Snort.
o Other documentation updates.
o Misc improvements to the config file parser.
o You can now set the HTTP User-Agent header string for Oinkmaster by
specifying "user_agent = ..." in oinkmaster.conf. The default
User-Agent string is unchanged, i.e. the string that LWP or wget set
it to by default. Based on patch from Derek Edwards.
o Make contrib/addmsg.pl handle some multi-line statements.
o contrib/create-sidmap.pl:
- don't ignore rules that are commented out
- ignore the file deleted.rules by default (you don't use it, do
you?!)
/Andreas
pgpK5TrqB5Bif.pgp
Description: PGP signature
