snort-rule 0.1.1 → 1.0.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 78415e3a59ccbfc9efbc8842aedcdceba1b1c1c6
4
+ data.tar.gz: 9481ea830bdabe99d1efd9f31655912223bb3f9c
5
+ SHA512:
6
+ metadata.gz: d03580284050bbf59106a2d38528a19600d956e73752d8d0e93c10edead9502fc2774e9d3e8437993fc83964cfa980ef677b8bcb1fc6b49a71acd0fff4005532
7
+ data.tar.gz: edce06d8bcbe9649b04a588a5b2790b893b48421501792c18f4156f4d4d4137c463859602c00c8014ead122df87406bea29db3bd6260f1cfa5199f1df8dc58a5
checksums.yaml.gz.sig ADDED
Binary file
data.tar.gz.sig CHANGED
Binary file
data/Guardfile ADDED
@@ -0,0 +1,9 @@
1
+ # A sample Guardfile
2
+ # More info at https://github.com/guard/guard#readme
3
+
4
+ guard :minitest do
5
+ # with Minitest::Unit
6
+ watch(%r{^test/(.*)\/?test_(.*)\.rb$})
7
+ watch(%r{^lib/(.*/)?([^/]+)\.rb$}) { |m| "test/#{m[1]}test_#{m[2]}.rb" }
8
+ watch(%r{^test/test_helper\.rb$}) { 'test' }
9
+ end
data/bin/snortrule CHANGED
@@ -1,6 +1,7 @@
1
1
  #!/usr/bin/env ruby
2
2
  # DESCRIPTION: generates and parses snort rules
3
3
  require 'getoptlong'
4
+ require 'snort/rule'
4
5
 
5
6
  def usage
6
7
  puts "Usage: #{$0} [-h] [-a <action>] [-p <protocol>] [-s <srcip>] [-x <srcport>] [-w <direction>] [-d <dstip>] [-c <dstport>] [-o <key:value>] [-o <key:value> ...]"
@@ -49,9 +50,9 @@ opts.each do |opt, arg|
49
50
  rule.dport = arg.to_i
50
51
  when '--opts'
51
52
  if arg =~ /(.+?)\s*[=:]\s*(.+)/
52
- rule.opts[$1] = $2
53
+ rule.options << Snort::RuleOption($1,$2)
53
54
  else
54
- rule.opts[arg] = true
55
+ rule.options << Snort::RuleOption(arg)
55
56
  end
56
57
  else
57
58
  usage
data/lib/snort/rule.rb CHANGED
@@ -1,53 +1,64 @@
1
1
  require "snort/rule/version"
2
+ require "snort/rule/option"
2
3
  # Generates and parses snort rules
3
4
  #
4
- # Author:: Chris Lee (mailto:rubygems@chrislee.dhs.org)
5
+ # Authors:: Chris Lee (mailto:rubygems@chrislee.dhs.org), Will Green (will[ at ]hotgazpacho[ dot ]org)
5
6
  # Copyright:: Copyright (c) 2011 Chris Lee
6
7
  # License:: Distributes under the same terms as Ruby
7
8
  module Snort
8
- # This class stores and generates the features of a snort rule
9
- class Rule
10
- attr_accessor :action, :proto, :src, :sport, :dir, :dst, :dport, :opts
11
-
12
- def initialize(kwargs={})
13
- @action = kwargs[:action] || 'alert'
14
- @proto = kwargs[:proto] || 'IP'
15
- @src = kwargs[:src] || 'any'
16
- @sport = kwargs[:sport] || 'any'
17
- @dir = kwargs[:dir] || '->'
18
- @dst = kwargs[:dst] || 'any'
19
- @dport = kwargs[:dport] || 'any'
20
- @opts = kwargs[:opts] || {}
21
- end
22
-
23
- # Output the current object into a snort rule
24
- def to_s(options_only=false)
25
- rule = ""
26
- rule = [@action, @proto, @src, @sport, @dir, @dst, @dport, '( '].join(" ") unless options_only
27
- opts.keys.sort.each do |k|
28
- rule += k if opts[k];
29
- unless opts[k] == true
30
- rule += ":#{opts[k]}"
31
- end
32
- rule += "; "
33
- end
34
- rule += ")" unless options_only
35
- rule
36
- end
37
-
38
- # Parse a snort rule to generate an object
39
- def Rule::parse(string)
40
- rule = Snort::Rule.new
41
- rulepart, optspart = string.split(/\s*\(\s*/,2)
42
- rule.action, rule.proto, rule.src, rule.sport, rule.dir, rule.dst, rule.dport = rulepart.split(/\s+/)
43
- rule.opts = Hash[optspart.gsub(/;\s*\).*$/,'').split(/\s*;\s*/).map { |x|
44
- if x =~ /(.*?):(.*)/
45
- x.split(/:/,2)
46
- else
47
- [x,true]
48
- end
49
- }]
50
- rule
51
- end
52
- end
9
+
10
+ # This class stores and generates the features of a snort rule
11
+ class Rule
12
+ attr_accessor :action, :proto, :src, :sport, :dir, :dst, :dport
13
+ attr_reader :options
14
+
15
+ # Initializes the Rule
16
+ # @param [Hash] kwargs The options to initialize the Rule with
17
+ # @option kwargs [String] :action The action
18
+ # @option kwargs [String] :proto The protocol
19
+ # @option kwargs [String] :src The source IP
20
+ # @option kwargs [String] :sport The source Port
21
+ # @option kwargs [String] :dir The direction of traffic flow
22
+ # @option kwargs [String] :dst The destination IP
23
+ # @option kwargs [String] :dport The destination Port
24
+ # @option kwargs[Array<Snort::RuleOption>] :options The better way of passing in options, using
25
+ # option objects that know how to represent themselves as a string properly
26
+ def initialize(kwargs={})
27
+ @action = kwargs[:action] || 'alert'
28
+ @proto = kwargs[:proto] || 'IP'
29
+ @src = kwargs[:src] || 'any'
30
+ @sport = kwargs[:sport] || 'any'
31
+ @dir = kwargs[:dir] || '->'
32
+ @dst = kwargs[:dst] || 'any'
33
+ @dport = kwargs[:dport] || 'any'
34
+ @options = kwargs[:options] || []
35
+ end
36
+
37
+ # Output the current object into a snort rule
38
+ def to_s(options_only=false)
39
+ rule = ""
40
+ rule = [@action, @proto, @src, @sport, @dir, @dst, @dport].join(" ") unless options_only
41
+ if options.any?
42
+ rule += " (" unless options_only
43
+ rule += options.join(' ')
44
+ rule += ")" unless options_only
45
+ end
46
+ rule
47
+ end
48
+
49
+ # Parse a snort rule to generate an object
50
+ def Rule::parse(string)
51
+ rule = Snort::Rule.new
52
+ rulepart, optspart = string.split(/\s*\(\s*/,2)
53
+ rule.action, rule.proto, rule.src, rule.sport, rule.dir, rule.dst, rule.dport = rulepart.split(/\s+/)
54
+ optspart.gsub(/;\s*\).*$/,'').split(/\s*;\s*/).each do |x|
55
+ if x =~ /(.*?):(.*)/
56
+ rule.options << Snort::RuleOption.new(*x.split(/:/,2))
57
+ else
58
+ rule.options << Snort::RuleOption.new(x)
59
+ end
60
+ end if optspart
61
+ rule
62
+ end
63
+ end
53
64
  end
@@ -0,0 +1,32 @@
1
+ module Snort
2
+ class RuleOption
3
+
4
+ attr_reader :keyword, :arguments
5
+
6
+ # @param [String] keyword
7
+ # @param [String] arguments
8
+ def initialize(keyword, arguments=nil)
9
+ @keyword = keyword.to_s
10
+ @arguments = arguments.to_s
11
+ end
12
+
13
+ def to_s
14
+ output = @keyword
15
+ output << ":#{@arguments}" unless @arguments.empty?
16
+ output << ';'
17
+ output
18
+ end
19
+
20
+ def ==(other)
21
+ @keyword == other.keyword && @arguments == other.arguments
22
+ end
23
+
24
+ def eql?(other)
25
+ self == other
26
+ end
27
+
28
+ def hash
29
+ [@keyword, @arguments].hash
30
+ end
31
+ end
32
+ end
@@ -1,5 +1,5 @@
1
1
  module Snort
2
2
  class Rule
3
- VERSION = "0.1.1"
3
+ VERSION = "1.0.1"
4
4
  end
5
5
  end
data/snort-rule.gemspec CHANGED
@@ -4,23 +4,25 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
4
  require 'snort/rule/version'
5
5
 
6
6
  Gem::Specification.new do |spec|
7
- spec.name = "snort-rule"
8
- spec.version = Snort::Rule::VERSION
9
- spec.authors = ["chrislee35"]
10
- spec.email = ["rubygems@chrislee.dhs.org"]
11
- spec.description = %q{Parses and generates Snort rules similar to PERL's Snort::Rule}
12
- spec.summary = %q{Class for parsing and generating Snort Rules}
13
- spec.homepage = "http://github.com/chrislee35/snort-rule"
14
- spec.license = "MIT"
7
+ spec.name = "snort-rule"
8
+ spec.version = Snort::Rule::VERSION
9
+ spec.authors = ["chrislee35"]
10
+ spec.email = ["rubygems@chrislee.dhs.org"]
11
+ spec.description = %q{Parses and generates Snort rules similar to PERL's Snort::Rule}
12
+ spec.summary = %q{Class for parsing and generating Snort Rules}
13
+ spec.homepage = "http://github.com/chrislee35/snort-rule"
14
+ spec.license = "MIT"
15
15
 
16
- spec.files = `git ls-files`.split($/)
17
- spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
18
- spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
- spec.require_paths = ["lib"]
16
+ spec.files = `git ls-files`.split($/)
17
+ spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
18
+ spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
+ spec.require_paths = ["lib"]
20
20
 
21
- spec.add_development_dependency "bundler", "~> 1.3"
22
- spec.add_development_dependency "rake"
21
+ spec.add_development_dependency "bundler", "~> 1.3"
22
+ spec.add_development_dependency "rake"
23
+ spec.add_development_dependency "minitest"
24
+ spec.add_development_dependency "guard-minitest"
23
25
 
24
- spec.signing_key = "#{File.dirname(__FILE__)}/../gem-private_key.pem"
25
- spec.cert_chain = ["#{File.dirname(__FILE__)}/../gem-public_cert.pem"]
26
+ spec.signing_key = "#{File.dirname(__FILE__)}/../gem-private_key.pem"
27
+ spec.cert_chain = ["#{File.dirname(__FILE__)}/../gem-public_cert.pem"]
26
28
  end
data/test/helper.rb CHANGED
@@ -1,2 +1,3 @@
1
- require 'test/unit'
1
+ require 'minitest/autorun'
2
+ require 'minitest/pride'
2
3
  require File.expand_path('../../lib/snort/rule.rb', __FILE__)
@@ -8,26 +8,52 @@ end
8
8
 
9
9
  require_relative 'helper'
10
10
 
11
- class TestSnortRule < Test::Unit::TestCase
12
- def test_constructor_should_set_all_the_parameters_and_generate_the_correct_rule
13
- rule = Snort::Rule.new({:action => 'pass', :proto => 'udp', :src => '192.168.0.1', :sport => 'any', :dir => '<>', :dst => 'any', :dport => 53, :opts => {'sid' => 48, 'threshold' => 'type limit,track by_src,count 1,seconds 3600' }})
14
- assert_equal rule.to_s, "pass udp 192.168.0.1 any <> any 53 ( sid:48; threshold:type limit,track by_src,count 1,seconds 3600; )"
15
- end
11
+ class TestSnortRule < Minitest::Test
12
+ def test_constructor_should_set_all_the_parameters_and_generate_the_correct_rule
13
+ rule = Snort::Rule.new({:action => 'pass', :proto => 'udp', :src => '192.168.0.1', :sport => 'any', :dir => '<>',
14
+ :dst => 'any', :dport => 53,
15
+ :options => [Snort::RuleOption.new('sid', 48), Snort::RuleOption.new('threshold', 'type limit,track by_src,count 1,seconds 3600')]
16
+ })
17
+ assert_equal rule.to_s, "pass udp 192.168.0.1 any <> any 53 (sid:48; threshold:type limit,track by_src,count 1,seconds 3600;)"
18
+ end
16
19
 
17
- def test_construct_a_default_rule_and_update_each_member_to_generate_the_correct_rule
18
- rule = Snort::Rule.new
19
- rule.action = 'pass'
20
- rule.proto = 'udp'
21
- rule.src = '192.168.0.1'
22
- rule.dir = '<>'
23
- rule.dport = 53
24
- rule.opts['sid'] = 48
25
- rule.opts['threshold'] = 'type limit,track by_src,count 1,seconds 3600'
26
- assert_equal rule.to_s, "pass udp 192.168.0.1 any <> any 53 ( sid:48; threshold:type limit,track by_src,count 1,seconds 3600; )"
27
- end
20
+ def test_construct_a_default_rule_and_update_each_member_to_generate_the_correct_rule
21
+ rule = Snort::Rule.new
22
+ rule.action = 'pass'
23
+ rule.proto = 'udp'
24
+ rule.src = '192.168.0.1'
25
+ rule.dir = '<>'
26
+ rule.dport = 53
27
+ rule.options << Snort::RuleOption.new('sid', 48)
28
+ rule.options << Snort::RuleOption.new('threshold', 'type limit,track by_src,count 1,seconds 3600')
29
+ assert_equal rule.to_s, "pass udp 192.168.0.1 any <> any 53 (sid:48; threshold:type limit,track by_src,count 1,seconds 3600;)"
30
+ end
28
31
 
29
- def test_parse_an_existing_rule_and_generate_the_same_rule
30
- rule = Snort::Rule.parse("pass udp 192.168.0.1 any <> any 53 ( sid:48; threshold:type limit,track by_src,count 1,seconds 3600; )")
31
- assert_equal rule.to_s, "pass udp 192.168.0.1 any <> any 53 ( sid:48; threshold:type limit,track by_src,count 1,seconds 3600; )"
32
- end
32
+ def test_construct_a_default_rule_with_many_options_having_the_same_keyword
33
+ rule = Snort::Rule.new
34
+ rule.action = 'alert'
35
+ rule.proto = 'tcp'
36
+ rule.src = '$HOME_NET'
37
+ rule.dir = '->'
38
+ rule.dst = '$EXTERNAL_NET'
39
+ rule.dport = '$HTTP_PORTS'
40
+ rule.options << Snort::RuleOption.new('msg', '"HTTP Host www.baddomain.com"')
41
+ rule.options << Snort::RuleOption.new('content', '"Host|3a|"')
42
+ rule.options << Snort::RuleOption.new('nocase')
43
+ rule.options << Snort::RuleOption.new('http_header')
44
+ rule.options << Snort::RuleOption.new('content', '"www.baddomain.com"')
45
+ rule.options << Snort::RuleOption.new('nocase')
46
+ rule.options << Snort::RuleOption.new('http_header')
47
+ rule.options << Snort::RuleOption.new('pcre', '"/^Host\\x3a(.*\\.|\\s*)www\\.baddomain\\.com\\s*$/mi"')
48
+ rule.options << Snort::RuleOption.new('flow', 'to_server,established')
49
+ rule.options << Snort::RuleOption.new('threshold', 'type limit, track by_src, count 1, seconds 300')
50
+ rule.options << Snort::RuleOption.new('classtype', 'bad-unknown')
51
+ rule.options << Snort::RuleOption.new('sid', '100000000')
52
+ assert_equal 'alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"HTTP Host www.baddomain.com"; content:"Host|3a|"; nocase; http_header; content:"www.baddomain.com"; nocase; http_header; pcre:"/^Host\x3a(.*\.|\s*)www\.baddomain\.com\s*$/mi"; flow:to_server,established; threshold:type limit, track by_src, count 1, seconds 300; classtype:bad-unknown; sid:100000000;)', rule.to_s
53
+ end
54
+
55
+ def test_parse_an_existing_rule_and_generate_the_same_rule
56
+ rule = Snort::Rule.parse("pass udp 192.168.0.1 any <> any 53 ( sid:48; threshold:type limit,track by_src,count 1,seconds 3600; )")
57
+ assert_equal rule.to_s, "pass udp 192.168.0.1 any <> any 53 (sid:48; threshold:type limit,track by_src,count 1,seconds 3600;)"
58
+ end
33
59
  end
@@ -0,0 +1,40 @@
1
+ unless Kernel.respond_to?(:require_relative)
2
+ module Kernel
3
+ def require_relative(path)
4
+ require File.join(File.dirname(caller[0]), path.to_str)
5
+ end
6
+ end
7
+ end
8
+
9
+ require_relative 'helper'
10
+
11
+ class TestSnortRuleOption < Minitest::Test
12
+ def test_to_s_on_option_with_keyword_and_argument
13
+ option = Snort::RuleOption.new('msg', '"OHAI"')
14
+ assert_equal 'msg:"OHAI";', option.to_s
15
+ end
16
+
17
+ def test_to_s_on_option_with_keyword_and_no_arguments
18
+ option = Snort::RuleOption.new('nocase')
19
+ assert_equal 'nocase;', option.to_s
20
+ end
21
+
22
+ def test_two_options_with_same_keyword_and_arguments_are_double_equals
23
+ option1 = Snort::RuleOption.new('msg', '"OHAI"')
24
+ option2 = Snort::RuleOption.new('msg', '"OHAI"')
25
+ assert option1 == option2, 'They are not `==`'
26
+ end
27
+
28
+ def test_two_options_with_same_keyword_and_arguments_are_eql
29
+ option1 = Snort::RuleOption.new('msg', '"OHAI"')
30
+ option2 = Snort::RuleOption.new('msg', '"OHAI"')
31
+ assert option1.eql?(option2), 'They are not `eql?`'
32
+ end
33
+
34
+ def test_two_options_with_same_keyword_and_arguments_produce_same_hash
35
+ option1 = Snort::RuleOption.new('msg', '"OHAI"')
36
+ option2 = Snort::RuleOption.new('msg', '"OHAI"')
37
+ assert_equal option1.hash, option2.hash
38
+ end
39
+
40
+ end
metadata CHANGED
@@ -1,49 +1,40 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: snort-rule
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.1
5
- prerelease:
4
+ version: 1.0.1
6
5
  platform: ruby
7
6
  authors:
8
7
  - chrislee35
9
8
  autorequire:
10
9
  bindir: bin
11
10
  cert_chain:
12
- - !binary |-
13
- LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURZakNDQWtxZ0F3SUJB
14
- Z0lCQURBTkJna3Foa2lHOXcwQkFRVUZBREJYTVJFd0R3WURWUVFEREFoeWRX
15
- SjUKWjJWdGN6RVlNQllHQ2dtU0pvbVQ4aXhrQVJrV0NHTm9jbWx6YkdWbE1S
16
- TXdFUVlLQ1pJbWlaUHlMR1FCR1JZRApaR2h6TVJNd0VRWUtDWkltaVpQeUxH
17
- UUJHUllEYjNKbk1CNFhEVEV6TURVeU1qRXlOVGswTjFvWERURTBNRFV5Ck1q
18
- RXlOVGswTjFvd1Z6RVJNQThHQTFVRUF3d0ljblZpZVdkbGJYTXhHREFXQmdv
19
- SmtpYUprL0lzWkFFWkZnaGoKYUhKcGMyeGxaVEVUTUJFR0NnbVNKb21UOGl4
20
- a0FSa1dBMlJvY3pFVE1CRUdDZ21TSm9tVDhpeGtBUmtXQTI5eQpaekNDQVNJ
21
- d0RRWUpLb1pJaHZjTkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFOY1ByeDhC
22
- WmlXSVI5eFdXRzhJCnRxUjUzOHRTMXQrVUo0RlpGbCsxdnJ0VTlUaXVXWDNW
23
- ajM3VHdVcGEyZkZremlLMG41S3VwVlRoeUVoY2VtNW0KT0dSanZnclJGYldR
24
- SlNTc2NJS09wd3FVUkhWS1JwVjlnVnovSG56azhTK3hvdFVSMUJ1bzNVZ3Ir
25
- STFqSGV3RApDZ3IreSt6Z1pidGp0SHNKdHN1dWprT2NQaEVqalVpbmo2OEw5
26
- Rno5QmRlSlF0K0lhY2p3QXpVTGl4NmpXQ2h0ClVjK2crMHo4RXNyeWNhMkc2
27
- STFHc3JnWDZXSHc4ZHlreVFEVDlkQ3RTMmZsQ093U0MxUjBLNVQveEhXNTRm
28
- KzUKd2N3OG1tNTNLTE5lK3RtZ1ZDNlpIeU1FK3FKc0JuUDZ1eEYwYVRFbkdB
29
- L2pEQlFEaFFOVEYwWlAvYWJ6eVRzTAp6alVDQXdFQUFhTTVNRGN3Q1FZRFZS
30
- MFRCQUl3QURBTEJnTlZIUThFQkFNQ0JMQXdIUVlEVlIwT0JCWUVGTzh3Cith
31
- ZVA3VDZrVkpibENnNmV1c09JSTlEZk1BMEdDU3FHU0liM0RRRUJCUVVBQTRJ
32
- QkFRQkNReVJKTFhzQm8yRnkKOFc2ZS9XNFJlbVFScmxBdzlESzVPNlU3MUp0
33
- ZWRWb2Iyb3ErT2Irem1TK1BpZkUyK0wrM1JpSjJINlZUbE96aQp4K0EwNjFN
34
- VVhoR3JhcVZxNEoyRkM4a3Q0RVF5d0FEMFAwVGE1R1UyNENHU0YwOFkzR2tK
35
- eTFTYTRYcVRDMllDCm81MXM3SlArdGtDQ3RwVllTZHpKaFRsbGllUkFXQnBH
36
- VjFkdGFvZVVLRTZ0WVBNQmtvc3hTUmNWR2N6ay9TYzMKN2VRQ3BleFl5OUps
37
- VUJJOXUzQnFJWTlFK2wrTVNuOGloWFNQbXlLMERncmhhQ3Urdm9hU0ZWT1g2
38
- WStCNXFibwpqTFhNUXUyWmdJU1l3WE5qTmJHVkhlaHV0ODJVN1U5b2lIb1dj
39
- ck9HYXphUlVtR085VFhQK2FKTEgwZ3cyZGNLCkFmTWdsWFBpCi0tLS0tRU5E
40
- IENFUlRJRklDQVRFLS0tLS0K
41
- date: 2013-06-02 00:00:00.000000000 Z
11
+ - |
12
+ -----BEGIN CERTIFICATE-----
13
+ MIIDYjCCAkqgAwIBAgIBADANBgkqhkiG9w0BAQUFADBXMREwDwYDVQQDDAhydWJ5
14
+ Z2VtczEYMBYGCgmSJomT8ixkARkWCGNocmlzbGVlMRMwEQYKCZImiZPyLGQBGRYD
15
+ ZGhzMRMwEQYKCZImiZPyLGQBGRYDb3JnMB4XDTEzMDUyMjEyNTk0N1oXDTE0MDUy
16
+ MjEyNTk0N1owVzERMA8GA1UEAwwIcnVieWdlbXMxGDAWBgoJkiaJk/IsZAEZFghj
17
+ aHJpc2xlZTETMBEGCgmSJomT8ixkARkWA2RoczETMBEGCgmSJomT8ixkARkWA29y
18
+ ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANcPrx8BZiWIR9xWWG8I
19
+ tqR538tS1t+UJ4FZFl+1vrtU9TiuWX3Vj37TwUpa2fFkziK0n5KupVThyEhcem5m
20
+ OGRjvgrRFbWQJSSscIKOpwqURHVKRpV9gVz/Hnzk8S+xotUR1Buo3Ugr+I1jHewD
21
+ Cgr+y+zgZbtjtHsJtsuujkOcPhEjjUinj68L9Fz9BdeJQt+IacjwAzULix6jWCht
22
+ Uc+g+0z8Esryca2G6I1GsrgX6WHw8dykyQDT9dCtS2flCOwSC1R0K5T/xHW54f+5
23
+ wcw8mm53KLNe+tmgVC6ZHyME+qJsBnP6uxF0aTEnGA/jDBQDhQNTF0ZP/abzyTsL
24
+ zjUCAwEAAaM5MDcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFO8w
25
+ +aeP7T6kVJblCg6eusOII9DfMA0GCSqGSIb3DQEBBQUAA4IBAQBCQyRJLXsBo2Fy
26
+ 8W6e/W4RemQRrlAw9DK5O6U71JtedVob2oq+Ob+zmS+PifE2+L+3RiJ2H6VTlOzi
27
+ x+A061MUXhGraqVq4J2FC8kt4EQywAD0P0Ta5GU24CGSF08Y3GkJy1Sa4XqTC2YC
28
+ o51s7JP+tkCCtpVYSdzJhTllieRAWBpGV1dtaoeUKE6tYPMBkosxSRcVGczk/Sc3
29
+ 7eQCpexYy9JlUBI9u3BqIY9E+l+MSn8ihXSPmyK0DgrhaCu+voaSFVOX6Y+B5qbo
30
+ jLXMQu2ZgISYwXNjNbGVHehut82U7U9oiHoWcrOGazaRUmGO9TXP+aJLH0gw2dcK
31
+ AfMglXPi
32
+ -----END CERTIFICATE-----
33
+ date: 2014-05-02 00:00:00.000000000 Z
42
34
  dependencies:
43
35
  - !ruby/object:Gem::Dependency
44
36
  name: bundler
45
37
  requirement: !ruby/object:Gem::Requirement
46
- none: false
47
38
  requirements:
48
39
  - - ~>
49
40
  - !ruby/object:Gem::Version
@@ -51,7 +42,6 @@ dependencies:
51
42
  type: :development
52
43
  prerelease: false
53
44
  version_requirements: !ruby/object:Gem::Requirement
54
- none: false
55
45
  requirements:
56
46
  - - ~>
57
47
  - !ruby/object:Gem::Version
@@ -59,17 +49,43 @@ dependencies:
59
49
  - !ruby/object:Gem::Dependency
60
50
  name: rake
61
51
  requirement: !ruby/object:Gem::Requirement
62
- none: false
63
52
  requirements:
64
- - - ! '>='
53
+ - - '>='
65
54
  - !ruby/object:Gem::Version
66
55
  version: '0'
67
56
  type: :development
68
57
  prerelease: false
69
58
  version_requirements: !ruby/object:Gem::Requirement
70
- none: false
71
59
  requirements:
72
- - - ! '>='
60
+ - - '>='
61
+ - !ruby/object:Gem::Version
62
+ version: '0'
63
+ - !ruby/object:Gem::Dependency
64
+ name: minitest
65
+ requirement: !ruby/object:Gem::Requirement
66
+ requirements:
67
+ - - '>='
68
+ - !ruby/object:Gem::Version
69
+ version: '0'
70
+ type: :development
71
+ prerelease: false
72
+ version_requirements: !ruby/object:Gem::Requirement
73
+ requirements:
74
+ - - '>='
75
+ - !ruby/object:Gem::Version
76
+ version: '0'
77
+ - !ruby/object:Gem::Dependency
78
+ name: guard-minitest
79
+ requirement: !ruby/object:Gem::Requirement
80
+ requirements:
81
+ - - '>='
82
+ - !ruby/object:Gem::Version
83
+ version: '0'
84
+ type: :development
85
+ prerelease: false
86
+ version_requirements: !ruby/object:Gem::Requirement
87
+ requirements:
88
+ - - '>='
73
89
  - !ruby/object:Gem::Version
74
90
  version: '0'
75
91
  description: Parses and generates Snort rules similar to PERL's Snort::Rule
@@ -82,46 +98,43 @@ extra_rdoc_files: []
82
98
  files:
83
99
  - .gitignore
84
100
  - Gemfile
101
+ - Guardfile
85
102
  - LICENSE.txt
86
103
  - README.md
87
104
  - Rakefile
88
105
  - bin/snortrule
89
106
  - lib/snort/rule.rb
107
+ - lib/snort/rule/option.rb
90
108
  - lib/snort/rule/version.rb
91
109
  - snort-rule.gemspec
92
110
  - test/helper.rb
93
111
  - test/test_snort-rule.rb
112
+ - test/test_snort_rule_option.rb
94
113
  homepage: http://github.com/chrislee35/snort-rule
95
114
  licenses:
96
115
  - MIT
116
+ metadata: {}
97
117
  post_install_message:
98
118
  rdoc_options: []
99
119
  require_paths:
100
120
  - lib
101
121
  required_ruby_version: !ruby/object:Gem::Requirement
102
- none: false
103
122
  requirements:
104
- - - ! '>='
123
+ - - '>='
105
124
  - !ruby/object:Gem::Version
106
125
  version: '0'
107
- segments:
108
- - 0
109
- hash: 845204443714955193
110
126
  required_rubygems_version: !ruby/object:Gem::Requirement
111
- none: false
112
127
  requirements:
113
- - - ! '>='
128
+ - - '>='
114
129
  - !ruby/object:Gem::Version
115
130
  version: '0'
116
- segments:
117
- - 0
118
- hash: 845204443714955193
119
131
  requirements: []
120
132
  rubyforge_project:
121
- rubygems_version: 1.8.25
133
+ rubygems_version: 2.1.11
122
134
  signing_key:
123
- specification_version: 3
135
+ specification_version: 4
124
136
  summary: Class for parsing and generating Snort Rules
125
137
  test_files:
126
138
  - test/helper.rb
127
139
  - test/test_snort-rule.rb
140
+ - test/test_snort_rule_option.rb
metadata.gz.sig CHANGED
Binary file