[Oisf-users] Error trying to create basic rule
Eric Leblond
eric at regit.org
Fri Sep 30 23:01:42 UTC 2016
Hi,
On Fri, 2016-09-30 at 15:59 -0700, Jean Tourrilhes wrote:
> Hi,
>
> I've compiled suricate 3.1.2 on Debian, and I was trying to
> install some very basic rule that I tested previously with snort. I'm
> getting an error that I don't know how to fix...
>
> /etc/suricata/rules/local.rules :
> -----------------------------------------------
> alert icmp any any -> $HOME_NET any (msg:"ICMP test detected";
> sid:1000001)
you miss the semi comma ';' after sid.
> drop tcp any any -> any 23 (msg: "Drop telnet packets"; sid: 1000002)
idem.
++
--
Eric Leblond <eric at regit.org>
More information about the Oisf-users
mailing list