Note: The script performs a syntax check on the input file. If there are
errors, you are prompted to enter the file name again. The entry must be
made at the prompt; if the Enter key is pressed erroneously such that the
entry cannot made at the prompt, enter

Ctrl-C to halt the configuration

process, and then enter

gmake to begin again.

Dynamic Rules

Enter the number of dynamic rules to synthesize.

•

If you enter one of the sample Snort rules files, choose the minimum
number of dynamic rules; otherwise, the placing may fail.

•

If you are using fewer static rules, you can increase the number of
dynamic rules up to approximately 30 for each channel (60 in total) (see

Figure 35 on page 58

Note: The number of dynamic rules specified in this option is guideline that
the compiler uses to reserve space on the FPGA. The number you choose
is the approximate number of rules you will be able to configure at runtime.
The amount of space a rule consumes varies based on the complexity of
the rule. Therefore, you might not be able to compile as many dynamic
rules as specified in this option if the rules are complex.

meta.rules

The pnic-Compiler prepends a set of fixed rules called meta.rules —
located in the pnic-compiler/rules directory. The rules in this file report on
flow information and provide compatibility with Snort; include or exclude
this file considering that including them allows you to run Snort on the DPI
interface.

It is best to include this file if Snort is being used as the front end. If not
using Snort as the front end, these rules should not be included or they
should be changed to accommodate other packet analysis requirements
(see

Figure 36 on page 59

Advertising

Popular Brands

Popular manuals