RubyGems - snort-rule - Versions diffs - 0.1.1 → 1.0.1 - Mend

snort-rule 0.1.1 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

checksums.yaml +7 -0
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/Guardfile +9 -0
data/bin/snortrule +3 -2
data/lib/snort/rule.rb +57 -46
data/lib/snort/rule/option.rb +32 -0
data/lib/snort/rule/version.rb +1 -1
data/snort-rule.gemspec +18 -16
data/test/helper.rb +2 -1
data/test/test_snort-rule.rb +46 -20
data/test/test_snort_rule_option.rb +40 -0
metadata +63 -50
metadata.gz.sig +0 -0

checksums.yaml ADDED Viewed

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 78415e3a59ccbfc9efbc8842aedcdceba1b1c1c6
+  data.tar.gz: 9481ea830bdabe99d1efd9f31655912223bb3f9c
+SHA512:
+  metadata.gz: d03580284050bbf59106a2d38528a19600d956e73752d8d0e93c10edead9502fc2774e9d3e8437993fc83964cfa980ef677b8bcb1fc6b49a71acd0fff4005532
+  data.tar.gz: edce06d8bcbe9649b04a588a5b2790b893b48421501792c18f4156f4d4d4137c463859602c00c8014ead122df87406bea29db3bd6260f1cfa5199f1df8dc58a5

checksums.yaml.gz.sig ADDED Viewed

Binary file

data.tar.gz.sig CHANGED Viewed

Binary file

data/Guardfile ADDED Viewed

@@ -0,0 +1,9 @@
+# A sample Guardfile
+# More info at https://github.com/guard/guard#readme
+guard :minitest do
+  # with Minitest::Unit
+  watch(%r{^test/(.*)\/?test_(.*)\.rb$})
+  watch(%r{^lib/(.*/)?([^/]+)\.rb$})     { |m| "test/#{m[1]}test_#{m[2]}.rb" }
+  watch(%r{^test/test_helper\.rb$})      { 'test' }
+end

data/bin/snortrule CHANGED Viewed

@@ -1,6 +1,7 @@
 #!/usr/bin/env ruby
 # DESCRIPTION: generates and parses snort rules
 require 'getoptlong'
+require 'snort/rule'
 def usage
 	puts "Usage: #{$0} [-h] [-a <action>] [-p <protocol>] [-s <srcip>] [-x <srcport>] [-w <direction>] [-d <dstip>] [-c <dstport>] [-o <key:value>] [-o <key:value> ...]"
@@ -49,9 +50,9 @@ opts.each do |opt, arg|
 		rule.dport = arg.to_i
 	when '--opts'
 		if arg =~ /(.+?)\s*[=:]\s*(.+)/
-			rule.opts[$1] = $2
+			rule.options << Snort::RuleOption($1,$2)
 		else
-			rule.opts[arg] = true
+			rule.options << Snort::RuleOption(arg)
 		end
 	else
 		usage

data/lib/snort/rule.rb CHANGED Viewed

@@ -1,53 +1,64 @@
 require "snort/rule/version"
+require "snort/rule/option"
 # Generates and parses snort rules
 #
-# Author::    Chris Lee  (mailto:rubygems@chrislee.dhs.org)
+# Authors::   Chris Lee  (mailto:rubygems@chrislee.dhs.org), Will Green (will[ at ]hotgazpacho[ dot ]org)
 # Copyright:: Copyright (c) 2011 Chris Lee
 # License::   Distributes under the same terms as Ruby
 module Snort
-	# This class stores and generates the features of a snort rule
-	class Rule
-		attr_accessor :action, :proto, :src, :sport, :dir, :dst, :dport, :opts
-		def initialize(kwargs={})
-			@action = kwargs[:action] || 'alert'
-			@proto = kwargs[:proto] || 'IP'
-			@src = kwargs[:src] || 'any'
-			@sport = kwargs[:sport] || 'any'
-			@dir = kwargs[:dir] || '->'
-			@dst = kwargs[:dst] || 'any'
-			@dport = kwargs[:dport] || 'any'
-			@opts = kwargs[:opts] || {}
-		end
-		# Output the current object into a snort rule
-		def to_s(options_only=false)
-			rule = ""
-			rule = [@action, @proto, @src, @sport, @dir, @dst, @dport, '( '].join(" ") unless options_only
-			opts.keys.sort.each do |k|
-				rule += k if opts[k];
-				unless opts[k] == true
-					rule += ":#{opts[k]}"
-				end
-				rule += "; "
-			end
-			rule += ")" unless options_only
-			rule
-		end
-		# Parse a snort rule to generate an object
-		def Rule::parse(string)
-			rule = Snort::Rule.new
-			rulepart, optspart = string.split(/\s*\(\s*/,2)
-			rule.action, rule.proto, rule.src, rule.sport, rule.dir, rule.dst, rule.dport = rulepart.split(/\s+/)
-			rule.opts = Hash[optspart.gsub(/;\s*\).*$/,'').split(/\s*;\s*/).map { |x|
-				if x =~ /(.*?):(.*)/
-					x.split(/:/,2)
-				else
-					[x,true]
-				end
-			}]
-			rule
-		end
-	end
+  # This class stores and generates the features of a snort rule
+  class Rule
+    attr_accessor :action, :proto, :src, :sport, :dir, :dst, :dport
+    attr_reader :options
+    # Initializes the Rule
+    # @param [Hash] kwargs The options to initialize the Rule with
+    # @option kwargs [String] :action The action
+    # @option kwargs [String] :proto The protocol
+    # @option kwargs [String] :src The source IP
+    # @option kwargs [String] :sport The source Port
+    # @option kwargs [String] :dir The direction of traffic flow
+    # @option kwargs [String] :dst The destination IP
+    # @option kwargs [String] :dport The destination Port
+    # @option kwargs[Array<Snort::RuleOption>] :options The better way of passing in options, using
+    #   option objects that know how to represent themselves as a string properly
+    def initialize(kwargs={})
+      @action = kwargs[:action] || 'alert'
+      @proto = kwargs[:proto] || 'IP'
+      @src = kwargs[:src] || 'any'
+      @sport = kwargs[:sport] || 'any'
+      @dir = kwargs[:dir] || '->'
+      @dst = kwargs[:dst] || 'any'
+      @dport = kwargs[:dport] || 'any'
+      @options = kwargs[:options] || []
+    end
+    # Output the current object into a snort rule
+    def to_s(options_only=false)
+      rule = ""
+      rule = [@action, @proto, @src, @sport, @dir, @dst, @dport].join(" ") unless options_only
+      if options.any?
+        rule += " (" unless options_only
+        rule += options.join(' ')
+        rule += ")" unless options_only
+      end
+      rule
+    end
+    # Parse a snort rule to generate an object
+    def Rule::parse(string)
+      rule = Snort::Rule.new
+      rulepart, optspart = string.split(/\s*\(\s*/,2)
+      rule.action, rule.proto, rule.src, rule.sport, rule.dir, rule.dst, rule.dport = rulepart.split(/\s+/)
+      optspart.gsub(/;\s*\).*$/,'').split(/\s*;\s*/).each do |x|
+        if x =~ /(.*?):(.*)/
+          rule.options << Snort::RuleOption.new(*x.split(/:/,2))
+        else
+          rule.options << Snort::RuleOption.new(x)
+        end
+      end if optspart
+      rule
+    end
+  end
 end

data/lib/snort/rule/option.rb ADDED Viewed

@@ -0,0 +1,32 @@
+module Snort
+  class RuleOption
+    attr_reader :keyword, :arguments
+    # @param [String] keyword
+    # @param [String] arguments
+    def initialize(keyword, arguments=nil)
+      @keyword = keyword.to_s
+      @arguments = arguments.to_s
+    end
+    def to_s
+      output = @keyword
+      output << ":#{@arguments}" unless @arguments.empty?
+      output << ';'
+      output
+    end
+    def ==(other)
+      @keyword == other.keyword && @arguments == other.arguments
+    end
+    def eql?(other)
+      self == other
+    end
+    def hash
+      [@keyword, @arguments].hash
+    end
+  end
+end

data/lib/snort/rule/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module Snort
   class Rule
-    VERSION = "0.1.1"
+    VERSION = "1.0.1"
   end
 end

data/snort-rule.gemspec CHANGED Viewed

@@ -4,23 +4,25 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 require 'snort/rule/version'
 Gem::Specification.new do |spec|
-	spec.name          = "snort-rule"
-	spec.version       = Snort::Rule::VERSION
-	spec.authors       = ["chrislee35"]
-	spec.email         = ["rubygems@chrislee.dhs.org"]
-	spec.description   = %q{Parses and generates Snort rules similar to PERL's Snort::Rule}
-	spec.summary       = %q{Class for parsing and generating Snort Rules}
-	spec.homepage      = "http://github.com/chrislee35/snort-rule"
-	spec.license       = "MIT"
+  spec.name          = "snort-rule"
+  spec.version       = Snort::Rule::VERSION
+  spec.authors       = ["chrislee35"]
+  spec.email         = ["rubygems@chrislee.dhs.org"]
+  spec.description   = %q{Parses and generates Snort rules similar to PERL's Snort::Rule}
+  spec.summary       = %q{Class for parsing and generating Snort Rules}
+  spec.homepage      = "http://github.com/chrislee35/snort-rule"
+  spec.license       = "MIT"
-	spec.files         = `git ls-files`.split($/)
-	spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
-	spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
-	spec.require_paths = ["lib"]
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
-	spec.add_development_dependency "bundler", "~> 1.3"
-	spec.add_development_dependency "rake"
+  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "minitest"
+  spec.add_development_dependency "guard-minitest"
-	spec.signing_key   = "#{File.dirname(__FILE__)}/../gem-private_key.pem"
-	spec.cert_chain    = ["#{File.dirname(__FILE__)}/../gem-public_cert.pem"]
+  spec.signing_key   = "#{File.dirname(__FILE__)}/../gem-private_key.pem"
+  spec.cert_chain    = ["#{File.dirname(__FILE__)}/../gem-public_cert.pem"]
 end

data/test/helper.rb CHANGED Viewed

@@ -1,2 +1,3 @@
-require 'test/unit'
+require 'minitest/autorun'
+require 'minitest/pride'
 require File.expand_path('../../lib/snort/rule.rb', __FILE__)

data/test/test_snort-rule.rb CHANGED Viewed

@@ -8,26 +8,52 @@ end
 require_relative 'helper'
-class TestSnortRule < Test::Unit::TestCase
-	def test_constructor_should_set_all_the_parameters_and_generate_the_correct_rule
-		rule = Snort::Rule.new({:action => 'pass', :proto => 'udp', :src => '192.168.0.1', :sport => 'any', :dir => '<>', :dst => 'any', :dport => 53, :opts => {'sid' => 48, 'threshold' => 'type limit,track by_src,count 1,seconds 3600' }})
-		assert_equal rule.to_s, "pass udp 192.168.0.1 any <> any 53 ( sid:48; threshold:type limit,track by_src,count 1,seconds 3600; )"
-	end
+class TestSnortRule < Minitest::Test
+  def test_constructor_should_set_all_the_parameters_and_generate_the_correct_rule
+    rule = Snort::Rule.new({:action => 'pass', :proto => 'udp', :src => '192.168.0.1', :sport => 'any', :dir => '<>',
+      :dst => 'any', :dport => 53,
+      :options => [Snort::RuleOption.new('sid', 48), Snort::RuleOption.new('threshold', 'type limit,track by_src,count 1,seconds 3600')]
+    })
+    assert_equal rule.to_s, "pass udp 192.168.0.1 any <> any 53 (sid:48; threshold:type limit,track by_src,count 1,seconds 3600;)"
+  end
-	def test_construct_a_default_rule_and_update_each_member_to_generate_the_correct_rule
-		rule = Snort::Rule.new
-		rule.action = 'pass'
-		rule.proto = 'udp'
-		rule.src = '192.168.0.1'
-		rule.dir = '<>'
-		rule.dport = 53
-		rule.opts['sid'] = 48
-		rule.opts['threshold'] = 'type limit,track by_src,count 1,seconds 3600'
-		assert_equal rule.to_s, "pass udp 192.168.0.1 any <> any 53 ( sid:48; threshold:type limit,track by_src,count 1,seconds 3600; )"
-	end
+  def test_construct_a_default_rule_and_update_each_member_to_generate_the_correct_rule
+    rule = Snort::Rule.new
+    rule.action = 'pass'
+    rule.proto = 'udp'
+    rule.src = '192.168.0.1'
+    rule.dir = '<>'
+    rule.dport = 53
+    rule.options << Snort::RuleOption.new('sid', 48)
+    rule.options << Snort::RuleOption.new('threshold', 'type limit,track by_src,count 1,seconds 3600')
+    assert_equal rule.to_s, "pass udp 192.168.0.1 any <> any 53 (sid:48; threshold:type limit,track by_src,count 1,seconds 3600;)"
+  end
-	def test_parse_an_existing_rule_and_generate_the_same_rule
-		rule = Snort::Rule.parse("pass udp 192.168.0.1 any <> any 53 ( sid:48; threshold:type limit,track by_src,count 1,seconds 3600; )")
-		assert_equal rule.to_s, "pass udp 192.168.0.1 any <> any 53 ( sid:48; threshold:type limit,track by_src,count 1,seconds 3600; )"
-	end
+  def test_construct_a_default_rule_with_many_options_having_the_same_keyword
+    rule = Snort::Rule.new
+    rule.action = 'alert'
+    rule.proto = 'tcp'
+    rule.src = '$HOME_NET'
+    rule.dir = '->'
+    rule.dst = '$EXTERNAL_NET'
+    rule.dport = '$HTTP_PORTS'
+    rule.options << Snort::RuleOption.new('msg', '"HTTP Host www.baddomain.com"')
+    rule.options << Snort::RuleOption.new('content', '"Host|3a|"')
+    rule.options << Snort::RuleOption.new('nocase')
+    rule.options << Snort::RuleOption.new('http_header')
+    rule.options << Snort::RuleOption.new('content', '"www.baddomain.com"')
+    rule.options << Snort::RuleOption.new('nocase')
+    rule.options << Snort::RuleOption.new('http_header')
+    rule.options << Snort::RuleOption.new('pcre', '"/^Host\\x3a(.*\\.|\\s*)www\\.baddomain\\.com\\s*$/mi"')
+    rule.options << Snort::RuleOption.new('flow', 'to_server,established')
+    rule.options << Snort::RuleOption.new('threshold', 'type limit, track by_src, count 1, seconds 300')
+    rule.options << Snort::RuleOption.new('classtype', 'bad-unknown')
+    rule.options << Snort::RuleOption.new('sid', '100000000')
+    assert_equal 'alert tcp $HOME_NET any -> $EXTERNAL_NET $HTTP_PORTS (msg:"HTTP Host www.baddomain.com"; content:"Host|3a|"; nocase; http_header; content:"www.baddomain.com"; nocase; http_header; pcre:"/^Host\x3a(.*\.|\s*)www\.baddomain\.com\s*$/mi"; flow:to_server,established; threshold:type limit, track by_src, count 1, seconds 300; classtype:bad-unknown; sid:100000000;)', rule.to_s
+  end
+  def test_parse_an_existing_rule_and_generate_the_same_rule
+    rule = Snort::Rule.parse("pass udp 192.168.0.1 any <> any 53 (   sid:48;     threshold:type limit,track by_src,count 1,seconds 3600; )")
+    assert_equal rule.to_s, "pass udp 192.168.0.1 any <> any 53 (sid:48; threshold:type limit,track by_src,count 1,seconds 3600;)"
+  end
 end

data/test/test_snort_rule_option.rb ADDED Viewed

@@ -0,0 +1,40 @@
+unless Kernel.respond_to?(:require_relative)
+  module Kernel
+    def require_relative(path)
+      require File.join(File.dirname(caller[0]), path.to_str)
+    end
+  end
+end
+require_relative 'helper'
+class TestSnortRuleOption < Minitest::Test
+  def test_to_s_on_option_with_keyword_and_argument
+    option = Snort::RuleOption.new('msg', '"OHAI"')
+    assert_equal 'msg:"OHAI";', option.to_s
+  end
+  def test_to_s_on_option_with_keyword_and_no_arguments
+    option = Snort::RuleOption.new('nocase')
+    assert_equal 'nocase;', option.to_s
+  end
+  def test_two_options_with_same_keyword_and_arguments_are_double_equals
+    option1 = Snort::RuleOption.new('msg', '"OHAI"')
+    option2 = Snort::RuleOption.new('msg', '"OHAI"')
+    assert option1 == option2, 'They are not `==`'
+  end
+  def test_two_options_with_same_keyword_and_arguments_are_eql
+    option1 = Snort::RuleOption.new('msg', '"OHAI"')
+    option2 = Snort::RuleOption.new('msg', '"OHAI"')
+    assert option1.eql?(option2), 'They are not `eql?`'
+  end
+  def test_two_options_with_same_keyword_and_arguments_produce_same_hash
+    option1 = Snort::RuleOption.new('msg', '"OHAI"')
+    option2 = Snort::RuleOption.new('msg', '"OHAI"')
+    assert_equal option1.hash, option2.hash
+  end
+end

metadata CHANGED Viewed

@@ -1,49 +1,40 @@
 --- !ruby/object:Gem::Specification
 name: snort-rule
 version: !ruby/object:Gem::Version
-  version: 0.1.1
-  prerelease:
+  version: 1.0.1
 platform: ruby
 authors:
 - chrislee35
 autorequire:
 bindir: bin
 cert_chain:
-- !binary |-
-  LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURZakNDQWtxZ0F3SUJB
-  Z0lCQURBTkJna3Foa2lHOXcwQkFRVUZBREJYTVJFd0R3WURWUVFEREFoeWRX
-  SjUKWjJWdGN6RVlNQllHQ2dtU0pvbVQ4aXhrQVJrV0NHTm9jbWx6YkdWbE1S
-  TXdFUVlLQ1pJbWlaUHlMR1FCR1JZRApaR2h6TVJNd0VRWUtDWkltaVpQeUxH
-  UUJHUllEYjNKbk1CNFhEVEV6TURVeU1qRXlOVGswTjFvWERURTBNRFV5Ck1q
-  RXlOVGswTjFvd1Z6RVJNQThHQTFVRUF3d0ljblZpZVdkbGJYTXhHREFXQmdv
-  SmtpYUprL0lzWkFFWkZnaGoKYUhKcGMyeGxaVEVUTUJFR0NnbVNKb21UOGl4
-  a0FSa1dBMlJvY3pFVE1CRUdDZ21TSm9tVDhpeGtBUmtXQTI5eQpaekNDQVNJ
-  d0RRWUpLb1pJaHZjTkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFOY1ByeDhC
-  WmlXSVI5eFdXRzhJCnRxUjUzOHRTMXQrVUo0RlpGbCsxdnJ0VTlUaXVXWDNW
-  ajM3VHdVcGEyZkZremlLMG41S3VwVlRoeUVoY2VtNW0KT0dSanZnclJGYldR
-  SlNTc2NJS09wd3FVUkhWS1JwVjlnVnovSG56azhTK3hvdFVSMUJ1bzNVZ3Ir
-  STFqSGV3RApDZ3IreSt6Z1pidGp0SHNKdHN1dWprT2NQaEVqalVpbmo2OEw5
-  Rno5QmRlSlF0K0lhY2p3QXpVTGl4NmpXQ2h0ClVjK2crMHo4RXNyeWNhMkc2
-  STFHc3JnWDZXSHc4ZHlreVFEVDlkQ3RTMmZsQ093U0MxUjBLNVQveEhXNTRm
-  KzUKd2N3OG1tNTNLTE5lK3RtZ1ZDNlpIeU1FK3FKc0JuUDZ1eEYwYVRFbkdB
-  L2pEQlFEaFFOVEYwWlAvYWJ6eVRzTAp6alVDQXdFQUFhTTVNRGN3Q1FZRFZS
-  MFRCQUl3QURBTEJnTlZIUThFQkFNQ0JMQXdIUVlEVlIwT0JCWUVGTzh3Cith
-  ZVA3VDZrVkpibENnNmV1c09JSTlEZk1BMEdDU3FHU0liM0RRRUJCUVVBQTRJ
-  QkFRQkNReVJKTFhzQm8yRnkKOFc2ZS9XNFJlbVFScmxBdzlESzVPNlU3MUp0
-  ZWRWb2Iyb3ErT2Irem1TK1BpZkUyK0wrM1JpSjJINlZUbE96aQp4K0EwNjFN
-  VVhoR3JhcVZxNEoyRkM4a3Q0RVF5d0FEMFAwVGE1R1UyNENHU0YwOFkzR2tK
-  eTFTYTRYcVRDMllDCm81MXM3SlArdGtDQ3RwVllTZHpKaFRsbGllUkFXQnBH
-  VjFkdGFvZVVLRTZ0WVBNQmtvc3hTUmNWR2N6ay9TYzMKN2VRQ3BleFl5OUps
-  VUJJOXUzQnFJWTlFK2wrTVNuOGloWFNQbXlLMERncmhhQ3Urdm9hU0ZWT1g2
-  WStCNXFibwpqTFhNUXUyWmdJU1l3WE5qTmJHVkhlaHV0ODJVN1U5b2lIb1dj
-  ck9HYXphUlVtR085VFhQK2FKTEgwZ3cyZGNLCkFmTWdsWFBpCi0tLS0tRU5E
-  IENFUlRJRklDQVRFLS0tLS0K
-date: 2013-06-02 00:00:00.000000000 Z
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIDYjCCAkqgAwIBAgIBADANBgkqhkiG9w0BAQUFADBXMREwDwYDVQQDDAhydWJ5
+  Z2VtczEYMBYGCgmSJomT8ixkARkWCGNocmlzbGVlMRMwEQYKCZImiZPyLGQBGRYD
+  ZGhzMRMwEQYKCZImiZPyLGQBGRYDb3JnMB4XDTEzMDUyMjEyNTk0N1oXDTE0MDUy
+  MjEyNTk0N1owVzERMA8GA1UEAwwIcnVieWdlbXMxGDAWBgoJkiaJk/IsZAEZFghj
+  aHJpc2xlZTETMBEGCgmSJomT8ixkARkWA2RoczETMBEGCgmSJomT8ixkARkWA29y
+  ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANcPrx8BZiWIR9xWWG8I
+  tqR538tS1t+UJ4FZFl+1vrtU9TiuWX3Vj37TwUpa2fFkziK0n5KupVThyEhcem5m
+  OGRjvgrRFbWQJSSscIKOpwqURHVKRpV9gVz/Hnzk8S+xotUR1Buo3Ugr+I1jHewD
+  Cgr+y+zgZbtjtHsJtsuujkOcPhEjjUinj68L9Fz9BdeJQt+IacjwAzULix6jWCht
+  Uc+g+0z8Esryca2G6I1GsrgX6WHw8dykyQDT9dCtS2flCOwSC1R0K5T/xHW54f+5
+  wcw8mm53KLNe+tmgVC6ZHyME+qJsBnP6uxF0aTEnGA/jDBQDhQNTF0ZP/abzyTsL
+  zjUCAwEAAaM5MDcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFO8w
+  +aeP7T6kVJblCg6eusOII9DfMA0GCSqGSIb3DQEBBQUAA4IBAQBCQyRJLXsBo2Fy
+  8W6e/W4RemQRrlAw9DK5O6U71JtedVob2oq+Ob+zmS+PifE2+L+3RiJ2H6VTlOzi
+  x+A061MUXhGraqVq4J2FC8kt4EQywAD0P0Ta5GU24CGSF08Y3GkJy1Sa4XqTC2YC
+  o51s7JP+tkCCtpVYSdzJhTllieRAWBpGV1dtaoeUKE6tYPMBkosxSRcVGczk/Sc3
+  7eQCpexYy9JlUBI9u3BqIY9E+l+MSn8ihXSPmyK0DgrhaCu+voaSFVOX6Y+B5qbo
+  jLXMQu2ZgISYwXNjNbGVHehut82U7U9oiHoWcrOGazaRUmGO9TXP+aJLH0gw2dcK
+  AfMglXPi
+  -----END CERTIFICATE-----
+date: 2014-05-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -51,7 +42,6 @@ dependencies:
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
@@ -59,17 +49,43 @@ dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard-minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 description: Parses and generates Snort rules similar to PERL's Snort::Rule
@@ -82,46 +98,43 @@ extra_rdoc_files: []
 files:
 - .gitignore
 - Gemfile
+- Guardfile
 - LICENSE.txt
 - README.md
 - Rakefile
 - bin/snortrule
 - lib/snort/rule.rb
+- lib/snort/rule/option.rb
 - lib/snort/rule/version.rb
 - snort-rule.gemspec
 - test/helper.rb
 - test/test_snort-rule.rb
+- test/test_snort_rule_option.rb
 homepage: http://github.com/chrislee35/snort-rule
 licenses:
 - MIT
+metadata: {}
 post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
-      segments:
-      - 0
-      hash: 845204443714955193
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
-      segments:
-      - 0
-      hash: 845204443714955193
 requirements: []
 rubyforge_project:
-rubygems_version: 1.8.25
+rubygems_version: 2.1.11
 signing_key:
-specification_version: 3
+specification_version: 4
 summary: Class for parsing and generating Snort Rules
 test_files:
 - test/helper.rb
 - test/test_snort-rule.rb
+- test/test_snort_rule_option.rb

metadata.gz.sig CHANGED Viewed

Binary file