Starting and stopping the pnic-compiler, Maximum string, Confirmation – Force10 Networks PSeries 100-00055-01 User Manual

60

Compiling Rules

Figure 37 pnic-Compiler Option 8-9

Please choose the maximum number of bytes per signature (1024 recommended).
Selecting a small number allows larger sets of signatures
at the expense of more false positives.
1) 16
2) 32
3) 64
4) 96
5) 128
6) 256
7) 512
8) 1024
#? 8

Enter the firmware base-image name (press the Enter key to retain the default name:
"snort_dos.rules.xc4vlx200-ff1513.10.10.32"): snort_dos.rules

Selected configuration:
Signature files

: snort/dos.rules

Firmware name

: snort/dos.rules

Firmware file

: snort_dos.rules.bit

Mapping for ch 0 :

snort_dos.rules.0.mapping

Mapping for ch 1 :

snort_dos.rules.1.mapping

PNIC device

: xc4vlx200-ff1513

Include meta rules : yes
Include evasion rules : yes
Dynamic rules CH 0 : 10
Dynamic rules CH 1 : 10
Max string

: 32

To generate new PNIC firmware with the above configuration
Select Save_configuration and run make
The compilation process will create the file: snort_rules.sample.xc4vlx200-ff1513.20.20.2048.N.Y.N.N
1) Save_configuration
2) Exit

Summary of configuration

Starting and Stopping the pnic-Compiler

Enter the keyboard command

Ctrl-C

or a SIGINT signal to interrupt the compilation or configuration

process. Enter

gmake

to restart the process from where it was interrupted. The compilation process

restarts at the point where it was halted; the configuration process restarts from the beginning.

During compilation, enter

Ctrl-C

followed by

gmake clean

to regenerate firmware with different

options. This erases the current configuration and resets the compilation process. Previously generated
firmware files are not erased.