components/snort/patches/snort.conf.patch
changeset 2198 168b8acace5f
parent 1345 ee87318d9935
child 7650 2e39c59b83f8
2197:22c15b329605 2198:168b8acace5f
     1 --- snort-2.9.2/etc/snort.conf.orig	2013-05-15 07:26:24.138736340 -0700
     1 Solaris specific changes to the snort configuration file that will be
     2 +++ snort-2.9.2/etc/snort.conf	2013-05-15 07:36:06.628399989 -0700
     2 installed under /etc/snort/.
     3 @@ -143,7 +143,7 @@
     3 
       
     4 These changes will not be submitted upstream.
       
     5 
       
     6 --- etc/snort.conf.orig	2014-09-25 07:56:45.270217768 -0700
       
     7 +++ etc/snort.conf	2014-10-06 06:02:57.202660631 -0700
       
     8 @@ -101,13 +101,13 @@
       
     9  # Path to your rules files (this can be a relative path)
       
    10  # Note for Windows users:  You are advised to make this an absolute path,
       
    11  # such as:  c:\snort\rules
       
    12 -var RULE_PATH ../rules
       
    13 -var SO_RULE_PATH ../so_rules
       
    14 -var PREPROC_RULE_PATH ../preproc_rules
       
    15 +var RULE_PATH rules
       
    16 +var SO_RULE_PATH so_rules
       
    17 +var PREPROC_RULE_PATH preproc_rules
       
    18  
       
    19  # If you are using reputation preprocessor set these
       
    20 -var WHITE_LIST_PATH ../rules
       
    21 -var BLACK_LIST_PATH ../rules
       
    22 +var WHITE_LIST_PATH rules
       
    23 +var BLACK_LIST_PATH rules
       
    24  
       
    25  ###################################################
       
    26  # Step #2: Configure the decoder.  For more information, see README.decode
       
    27 @@ -153,7 +153,7 @@
     4  # Configure DAQ related options for inline operation. For more information, see README.daq
    28  # Configure DAQ related options for inline operation. For more information, see README.daq
     5  #
    29  #
     6  # config daq: <type>
    30  # config daq: <type>
     7 -# config daq_dir: <dir>
    31 -# config daq_dir: <dir>
     8 +config daq_dir: /usr/lib/64/daq/
    32 +config daq_dir: /usr/lib/64/daq/
     9  # config daq_mode: <mode>
    33  # config daq_mode: <mode>
    10  # config daq_var: <var>
    34  # config daq_var: <var>
    11  #
    35  #
    12 @@ -217,13 +217,13 @@
    36 @@ -240,13 +240,13 @@
    13  ###################################################
    37  ###################################################
    14  
    38  
    15  # path to dynamic preprocessor libraries
    39  # path to dynamic preprocessor libraries
    16 -dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/
    40 -dynamicpreprocessor directory /usr/local/lib/snort_dynamicpreprocessor/
    17 +dynamicpreprocessor directory /usr/lib/64/snort_dynamicpreprocessor/
    41 +dynamicpreprocessor directory /usr/lib/64/snort_dynamicpreprocessor/
    24 -dynamicdetection directory /usr/local/lib/snort_dynamicrules
    48 -dynamicdetection directory /usr/local/lib/snort_dynamicrules
    25 +dynamicdetection directory /usr/lib/64/snort_dynamicrules
    49 +dynamicdetection directory /usr/lib/64/snort_dynamicrules
    26  
    50  
    27  ###################################################
    51  ###################################################
    28  # Step #5: Configure preprocessors
    52  # Step #5: Configure preprocessors
    29 @@ -264,34 +264,34 @@
    53 @@ -499,12 +499,12 @@
    30  # preprocessor perfmonitor: time 300 file /var/snort/snort.stats pktcnt 10000
    54     check_crc
    31  
    55  
    32  # HTTP normalization and anomaly detection.  For more information, see README.http_inspect
    56  # Reputation preprocessor. For more information see README.reputation
    33 -preprocessor http_inspect: global iis_unicode_map unicode.map 1252 compress_depth 65535 decompress_depth 65535
    57 -preprocessor reputation: \
    34 -preprocessor http_inspect_server: server default \
    58 -   memcap 500, \
    35 -    chunk_length 500000 \
    59 -   priority whitelist, \
    36 -    server_flow_depth 0 \
    60 -   nested_ip inner, \
    37 -    client_flow_depth 0 \
    61 -   whitelist $WHITE_LIST_PATH/white_list.rules, \
    38 -    post_depth 65495 \
    62 -   blacklist $BLACK_LIST_PATH/black_list.rules 
    39 -    oversize_dir_length 500 \
    63 +#preprocessor reputation: \
    40 -    max_header_length 750 \
    64 +#   memcap 500, \
    41 -    max_headers 100 \
    65 +#   priority whitelist, \
    42 -    ports { 80 81 311 591 593 901 1220 1414 1830 2301 2381 2809 3128 3702 5250 7001 7777 7779 8000 8008 8028 8080 8088 8118 8123 8180 8181 8243 8280 8888 9090 9091 9443 9999 11371 } \
    66 +#   nested_ip inner, \
    43 -    non_rfc_char { 0x00 0x01 0x02 0x03 0x04 0x05 0x06 0x07 } \
    67 +#   whitelist $WHITE_LIST_PATH/white_list.rules, \
    44 -    enable_cookie \
    68 +#   blacklist $BLACK_LIST_PATH/black_list.rules 
    45 -    extended_response_inspection \
    69  
    46 -    inspect_gzip \
    70  ###################################################
    47 -    normalize_utf \
    71  # Step #6: Configure output plugins
    48 -    unlimited_decompress \
    72 @@ -538,123 +538,123 @@
    49 -    apache_whitespace no \
       
    50 -    ascii no \
       
    51 -    bare_byte no \
       
    52 -    directory no \
       
    53 -    double_decode no \
       
    54 -    iis_backslash no \
       
    55 -    iis_delimiter no \
       
    56 -    iis_unicode no \
       
    57 -    multi_slash no \
       
    58 -   utf_8 no \
       
    59 -    u_encode yes \
       
    60 -    webroot no
       
    61 +#preprocessor http_inspect: global iis_unicode_map unicode.map 1252 compress_depth 65535 decompress_depth 65535
       
    62 +#preprocessor http_inspect_server: server default \
       
    63 +#    chunk_length 500000 \
       
    64 +#    server_flow_depth 0 \
       
    65 +#    client_flow_depth 0 \
       
    66 +#    post_depth 65495 \
       
    67 +#    oversize_dir_length 500 \
       
    68 +#    max_header_length 750 \
       
    69 +#    max_headers 100 \
       
    70 +#    ports { 80 81 311 591 593 901 1220 1414 1830 2301 2381 2809 3128 3702 5250 7001 7777 7779 8000 8008 8028 8080 8088 8118 8123 8180 8181 8243 8280 8888 9090 9091 9443 9999 11371 } \
       
    71 +#    non_rfc_char { 0x00 0x01 0x02 0x03 0x04 0x05 0x06 0x07 } \
       
    72 +#    enable_cookie \
       
    73 +#    extended_response_inspection \
       
    74 +#    inspect_gzip \
       
    75 +#    normalize_utf \
       
    76 +#    unlimited_decompress \
       
    77 +#    apache_whitespace no \
       
    78 +#    ascii no \
       
    79 +#    bare_byte no \
       
    80 +#    directory no \
       
    81 +#    double_decode no \
       
    82 +#    iis_backslash no \
       
    83 +#    iis_delimiter no \
       
    84 +#    iis_unicode no \
       
    85 +#    multi_slash no \
       
    86 +#   utf_8 no \
       
    87 +#    u_encode yes \
       
    88 +#    webroot no
       
    89  
       
    90  # ONC-RPC normalization and anomaly detection.  For more information, see the Snort Manual, Configuring Snort - Preprocessors - RPC Decode
       
    91  preprocessor rpc_decode: 111 32770 32771 32772 32773 32774 32775 32776 32777 32778 32779 no_alert_multiple_requests no_alert_large_fragments no_alert_incomplete
       
    92 @@ -487,8 +487,8 @@
       
    93  # output alert_prelude
       
    94  
       
    95  # metadata reference data.  do not modify these lines
       
    96 -include classification.config
       
    97 -include reference.config
       
    98 +# include classification.config
       
    99 +# include reference.config
       
   100  
       
   101  
       
   102  ###################################################
       
   103 @@ -499,61 +499,61 @@
       
   104  ###################################################
    73  ###################################################
   105  
    74  
   106  # site specific rules
    75  # site specific rules
   107 -include $RULE_PATH/local.rules
    76 -include $RULE_PATH/local.rules
   108 +# include $RULE_PATH/local.rules
    77 +# include $RULE_PATH/local.rules
   109  
    78  
       
    79 -include $RULE_PATH/app-detect.rules
   110 -include $RULE_PATH/attack-responses.rules
    80 -include $RULE_PATH/attack-responses.rules
   111 -include $RULE_PATH/backdoor.rules
    81 -include $RULE_PATH/backdoor.rules
   112 -include $RULE_PATH/bad-traffic.rules
    82 -include $RULE_PATH/bad-traffic.rules
   113 -include $RULE_PATH/blacklist.rules
    83 -include $RULE_PATH/blacklist.rules
   114 -include $RULE_PATH/botnet-cnc.rules
    84 -include $RULE_PATH/botnet-cnc.rules
       
    85 -include $RULE_PATH/browser-chrome.rules
       
    86 -include $RULE_PATH/browser-firefox.rules
       
    87 -include $RULE_PATH/browser-ie.rules
       
    88 -include $RULE_PATH/browser-other.rules
       
    89 -include $RULE_PATH/browser-plugins.rules
       
    90 -include $RULE_PATH/browser-webkit.rules
   115 -include $RULE_PATH/chat.rules
    91 -include $RULE_PATH/chat.rules
   116 -include $RULE_PATH/content-replace.rules
    92 -include $RULE_PATH/content-replace.rules
   117 -include $RULE_PATH/ddos.rules
    93 -include $RULE_PATH/ddos.rules
   118 -include $RULE_PATH/dns.rules
    94 -include $RULE_PATH/dns.rules
   119 -include $RULE_PATH/dos.rules
    95 -include $RULE_PATH/dos.rules
       
    96 -include $RULE_PATH/experimental.rules
       
    97 -include $RULE_PATH/exploit-kit.rules
   120 -include $RULE_PATH/exploit.rules
    98 -include $RULE_PATH/exploit.rules
       
    99 -include $RULE_PATH/file-executable.rules
       
   100 -include $RULE_PATH/file-flash.rules
       
   101 -include $RULE_PATH/file-identify.rules
       
   102 -include $RULE_PATH/file-image.rules
       
   103 -include $RULE_PATH/file-java.rules
       
   104 -include $RULE_PATH/file-multimedia.rules
       
   105 -include $RULE_PATH/file-office.rules
       
   106 -include $RULE_PATH/file-other.rules
       
   107 -include $RULE_PATH/file-pdf.rules
   121 -include $RULE_PATH/finger.rules
   108 -include $RULE_PATH/finger.rules
   122 -include $RULE_PATH/ftp.rules
   109 -include $RULE_PATH/ftp.rules
       
   110 -include $RULE_PATH/icmp-info.rules
   123 -include $RULE_PATH/icmp.rules
   111 -include $RULE_PATH/icmp.rules
   124 -include $RULE_PATH/icmp-info.rules
       
   125 -include $RULE_PATH/imap.rules
   112 -include $RULE_PATH/imap.rules
       
   113 -include $RULE_PATH/indicator-compromise.rules
       
   114 -include $RULE_PATH/indicator-obfuscation.rules
       
   115 -include $RULE_PATH/indicator-scan.rules
       
   116 -include $RULE_PATH/indicator-shellcode.rules
   126 -include $RULE_PATH/info.rules
   117 -include $RULE_PATH/info.rules
       
   118 -include $RULE_PATH/malware-backdoor.rules
       
   119 -include $RULE_PATH/malware-cnc.rules
       
   120 -include $RULE_PATH/malware-other.rules
       
   121 -include $RULE_PATH/malware-tools.rules
   127 -include $RULE_PATH/misc.rules
   122 -include $RULE_PATH/misc.rules
   128 -include $RULE_PATH/multimedia.rules
   123 -include $RULE_PATH/multimedia.rules
   129 -include $RULE_PATH/mysql.rules
   124 -include $RULE_PATH/mysql.rules
   130 -include $RULE_PATH/netbios.rules
   125 -include $RULE_PATH/netbios.rules
   131 -include $RULE_PATH/nntp.rules
   126 -include $RULE_PATH/nntp.rules
   132 -include $RULE_PATH/oracle.rules
   127 -include $RULE_PATH/oracle.rules
       
   128 -include $RULE_PATH/os-linux.rules
       
   129 -include $RULE_PATH/os-mobile.rules
       
   130 -include $RULE_PATH/os-other.rules
       
   131 -include $RULE_PATH/os-solaris.rules
       
   132 -include $RULE_PATH/os-windows.rules
   133 -include $RULE_PATH/other-ids.rules
   133 -include $RULE_PATH/other-ids.rules
   134 -include $RULE_PATH/p2p.rules
   134 -include $RULE_PATH/p2p.rules
   135 -include $RULE_PATH/phishing-spam.rules
   135 -include $RULE_PATH/phishing-spam.rules
       
   136 -include $RULE_PATH/policy-multimedia.rules
       
   137 -include $RULE_PATH/policy-other.rules
   136 -include $RULE_PATH/policy.rules
   138 -include $RULE_PATH/policy.rules
       
   139 -include $RULE_PATH/policy-social.rules
       
   140 -include $RULE_PATH/policy-spam.rules
   137 -include $RULE_PATH/pop2.rules
   141 -include $RULE_PATH/pop2.rules
   138 -include $RULE_PATH/pop3.rules
   142 -include $RULE_PATH/pop3.rules
       
   143 -include $RULE_PATH/protocol-dns.rules
       
   144 -include $RULE_PATH/protocol-finger.rules
       
   145 -include $RULE_PATH/protocol-ftp.rules
       
   146 -include $RULE_PATH/protocol-icmp.rules
       
   147 -include $RULE_PATH/protocol-imap.rules
       
   148 -include $RULE_PATH/protocol-nntp.rules
       
   149 -include $RULE_PATH/protocol-pop.rules
       
   150 -include $RULE_PATH/protocol-rpc.rules
       
   151 -include $RULE_PATH/protocol-scada.rules
       
   152 -include $RULE_PATH/protocol-services.rules
       
   153 -include $RULE_PATH/protocol-snmp.rules
       
   154 -include $RULE_PATH/protocol-telnet.rules
       
   155 -include $RULE_PATH/protocol-tftp.rules
       
   156 -include $RULE_PATH/protocol-voip.rules
       
   157 -include $RULE_PATH/pua-adware.rules
       
   158 -include $RULE_PATH/pua-other.rules
       
   159 -include $RULE_PATH/pua-p2p.rules
       
   160 -include $RULE_PATH/pua-toolbars.rules
   139 -include $RULE_PATH/rpc.rules
   161 -include $RULE_PATH/rpc.rules
   140 -include $RULE_PATH/rservices.rules
   162 -include $RULE_PATH/rservices.rules
   141 -include $RULE_PATH/scada.rules
   163 -include $RULE_PATH/scada.rules
   142 -include $RULE_PATH/scan.rules
   164 -include $RULE_PATH/scan.rules
       
   165 -include $RULE_PATH/server-apache.rules
       
   166 -include $RULE_PATH/server-iis.rules
       
   167 -include $RULE_PATH/server-mail.rules
       
   168 -include $RULE_PATH/server-mssql.rules
       
   169 -include $RULE_PATH/server-mysql.rules
       
   170 -include $RULE_PATH/server-oracle.rules
       
   171 -include $RULE_PATH/server-other.rules
       
   172 -include $RULE_PATH/server-samba.rules
       
   173 -include $RULE_PATH/server-webapp.rules
   143 -include $RULE_PATH/shellcode.rules
   174 -include $RULE_PATH/shellcode.rules
   144 -include $RULE_PATH/smtp.rules
   175 -include $RULE_PATH/smtp.rules
   145 -include $RULE_PATH/snmp.rules
   176 -include $RULE_PATH/snmp.rules
   146 -include $RULE_PATH/specific-threats.rules
   177 -include $RULE_PATH/specific-threats.rules
   147 -include $RULE_PATH/spyware-put.rules
   178 -include $RULE_PATH/spyware-put.rules
   158 -include $RULE_PATH/web-frontpage.rules
   189 -include $RULE_PATH/web-frontpage.rules
   159 -include $RULE_PATH/web-iis.rules
   190 -include $RULE_PATH/web-iis.rules
   160 -include $RULE_PATH/web-misc.rules
   191 -include $RULE_PATH/web-misc.rules
   161 -include $RULE_PATH/web-php.rules
   192 -include $RULE_PATH/web-php.rules
   162 -include $RULE_PATH/x11.rules
   193 -include $RULE_PATH/x11.rules
       
   194 +# include $RULE_PATH/app-detect.rules
   163 +# include $RULE_PATH/attack-responses.rules
   195 +# include $RULE_PATH/attack-responses.rules
   164 +# include $RULE_PATH/backdoor.rules
   196 +# include $RULE_PATH/backdoor.rules
   165 +# include $RULE_PATH/bad-traffic.rules
   197 +# include $RULE_PATH/bad-traffic.rules
   166 +# include $RULE_PATH/blacklist.rules
   198 +# include $RULE_PATH/blacklist.rules
   167 +# include $RULE_PATH/botnet-cnc.rules
   199 +# include $RULE_PATH/botnet-cnc.rules
       
   200 +# include $RULE_PATH/browser-chrome.rules
       
   201 +# include $RULE_PATH/browser-firefox.rules
       
   202 +# include $RULE_PATH/browser-ie.rules
       
   203 +# include $RULE_PATH/browser-other.rules
       
   204 +# include $RULE_PATH/browser-plugins.rules
       
   205 +# include $RULE_PATH/browser-webkit.rules
   168 +# include $RULE_PATH/chat.rules
   206 +# include $RULE_PATH/chat.rules
   169 +# include $RULE_PATH/content-replace.rules
   207 +# include $RULE_PATH/content-replace.rules
   170 +# include $RULE_PATH/ddos.rules
   208 +# include $RULE_PATH/ddos.rules
   171 +# include $RULE_PATH/dns.rules
   209 +# include $RULE_PATH/dns.rules
   172 +# include $RULE_PATH/dos.rules
   210 +# include $RULE_PATH/dos.rules
       
   211 +# include $RULE_PATH/experimental.rules
       
   212 +# include $RULE_PATH/exploit-kit.rules
   173 +# include $RULE_PATH/exploit.rules
   213 +# include $RULE_PATH/exploit.rules
       
   214 +# include $RULE_PATH/file-executable.rules
       
   215 +# include $RULE_PATH/file-flash.rules
       
   216 +# include $RULE_PATH/file-identify.rules
       
   217 +# include $RULE_PATH/file-image.rules
       
   218 +# include $RULE_PATH/file-java.rules
       
   219 +# include $RULE_PATH/file-multimedia.rules
       
   220 +# include $RULE_PATH/file-office.rules
       
   221 +# include $RULE_PATH/file-other.rules
       
   222 +# include $RULE_PATH/file-pdf.rules
   174 +# include $RULE_PATH/finger.rules
   223 +# include $RULE_PATH/finger.rules
   175 +# include $RULE_PATH/ftp.rules
   224 +# include $RULE_PATH/ftp.rules
       
   225 +# include $RULE_PATH/icmp-info.rules
   176 +# include $RULE_PATH/icmp.rules
   226 +# include $RULE_PATH/icmp.rules
   177 +# include $RULE_PATH/icmp-info.rules
       
   178 +# include $RULE_PATH/imap.rules
   227 +# include $RULE_PATH/imap.rules
       
   228 +# include $RULE_PATH/indicator-compromise.rules
       
   229 +# include $RULE_PATH/indicator-obfuscation.rules
       
   230 +# include $RULE_PATH/indicator-scan.rules
       
   231 +# include $RULE_PATH/indicator-shellcode.rules
   179 +# include $RULE_PATH/info.rules
   232 +# include $RULE_PATH/info.rules
       
   233 +# include $RULE_PATH/malware-backdoor.rules
       
   234 +# include $RULE_PATH/malware-cnc.rules
       
   235 +# include $RULE_PATH/malware-other.rules
       
   236 +# include $RULE_PATH/malware-tools.rules
   180 +# include $RULE_PATH/misc.rules
   237 +# include $RULE_PATH/misc.rules
   181 +# include $RULE_PATH/multimedia.rules
   238 +# include $RULE_PATH/multimedia.rules
   182 +# include $RULE_PATH/mysql.rules
   239 +# include $RULE_PATH/mysql.rules
   183 +# include $RULE_PATH/netbios.rules
   240 +# include $RULE_PATH/netbios.rules
   184 +# include $RULE_PATH/nntp.rules
   241 +# include $RULE_PATH/nntp.rules
   185 +# include $RULE_PATH/oracle.rules
   242 +# include $RULE_PATH/oracle.rules
       
   243 +# include $RULE_PATH/os-linux.rules
       
   244 +# include $RULE_PATH/os-mobile.rules
       
   245 +# include $RULE_PATH/os-other.rules
       
   246 +# include $RULE_PATH/os-solaris.rules
       
   247 +# include $RULE_PATH/os-windows.rules
   186 +# include $RULE_PATH/other-ids.rules
   248 +# include $RULE_PATH/other-ids.rules
   187 +# include $RULE_PATH/p2p.rules
   249 +# include $RULE_PATH/p2p.rules
   188 +# include $RULE_PATH/phishing-spam.rules
   250 +# include $RULE_PATH/phishing-spam.rules
       
   251 +# include $RULE_PATH/policy-multimedia.rules
       
   252 +# include $RULE_PATH/policy-other.rules
   189 +# include $RULE_PATH/policy.rules
   253 +# include $RULE_PATH/policy.rules
       
   254 +# include $RULE_PATH/policy-social.rules
       
   255 +# include $RULE_PATH/policy-spam.rules
   190 +# include $RULE_PATH/pop2.rules
   256 +# include $RULE_PATH/pop2.rules
   191 +# include $RULE_PATH/pop3.rules
   257 +# include $RULE_PATH/pop3.rules
       
   258 +# include $RULE_PATH/protocol-dns.rules
       
   259 +# include $RULE_PATH/protocol-finger.rules
       
   260 +# include $RULE_PATH/protocol-ftp.rules
       
   261 +# include $RULE_PATH/protocol-icmp.rules
       
   262 +# include $RULE_PATH/protocol-imap.rules
       
   263 +# include $RULE_PATH/protocol-nntp.rules
       
   264 +# include $RULE_PATH/protocol-pop.rules
       
   265 +# include $RULE_PATH/protocol-rpc.rules
       
   266 +# include $RULE_PATH/protocol-scada.rules
       
   267 +# include $RULE_PATH/protocol-services.rules
       
   268 +# include $RULE_PATH/protocol-snmp.rules
       
   269 +# include $RULE_PATH/protocol-telnet.rules
       
   270 +# include $RULE_PATH/protocol-tftp.rules
       
   271 +# include $RULE_PATH/protocol-voip.rules
       
   272 +# include $RULE_PATH/pua-adware.rules
       
   273 +# include $RULE_PATH/pua-other.rules
       
   274 +# include $RULE_PATH/pua-p2p.rules
       
   275 +# include $RULE_PATH/pua-toolbars.rules
   192 +# include $RULE_PATH/rpc.rules
   276 +# include $RULE_PATH/rpc.rules
   193 +# include $RULE_PATH/rservices.rules
   277 +# include $RULE_PATH/rservices.rules
   194 +# include $RULE_PATH/scada.rules
   278 +# include $RULE_PATH/scada.rules
   195 +# include $RULE_PATH/scan.rules
   279 +# include $RULE_PATH/scan.rules
       
   280 +# include $RULE_PATH/server-apache.rules
       
   281 +# include $RULE_PATH/server-iis.rules
       
   282 +# include $RULE_PATH/server-mail.rules
       
   283 +# include $RULE_PATH/server-mssql.rules
       
   284 +# include $RULE_PATH/server-mysql.rules
       
   285 +# include $RULE_PATH/server-oracle.rules
       
   286 +# include $RULE_PATH/server-other.rules
       
   287 +# include $RULE_PATH/server-samba.rules
       
   288 +# include $RULE_PATH/server-webapp.rules
   196 +# include $RULE_PATH/shellcode.rules
   289 +# include $RULE_PATH/shellcode.rules
   197 +# include $RULE_PATH/smtp.rules
   290 +# include $RULE_PATH/smtp.rules
   198 +# include $RULE_PATH/snmp.rules
   291 +# include $RULE_PATH/snmp.rules
   199 +# include $RULE_PATH/specific-threats.rules
   292 +# include $RULE_PATH/specific-threats.rules
   200 +# include $RULE_PATH/spyware-put.rules
   293 +# include $RULE_PATH/spyware-put.rules