From: <sa...@co...> - 2004-07-23 18:05:55
Hi,

I'm new to Snort-Inline. I have a system working happily, and wanted to inquire about the two configuration files in the 'etc' directory of the snort_inline source tree. So, I figure that the 'snort_inline.conf' is the one I want, but doing a diff with the 'snort.conf' shows that there are some xxx.rules files commented out on snort_inline.conf vs. snort.conf and vice versa. Is there any particular reason for this difference?

Also, is there a maintained database of snort_inline signature rulesets much like the snort signature ruleset database? Or are they one and the same? Would setting all references to 'alert' to (drop|sdrop|reject) just do the trick, or has someone gone through the rules to selectively elect the best responses when looking at the original snort IDS based action signatures?

Also, it may be just me or by design, but doing 'make install' in the 2.1.3b tree ignored all the configuration-related files.

Thanks in advance,
Peter