Hi Jason,
I looked into the rule_combine script and made some
thoughts about it:
You have a config section which maybe could be better
placed into config.php. This will be simplify the
upgrade-process on next release: One place for the
configureation, to keep track on.
To be inserted into config.php:
---8<---
/*
* For Rules-Download used in scripts/rule_combine
*/
/* Snortcenter rules archive directory, Set this to
point to the /rules directory where you have
snortcenter installed */
$RULESDIR="/var/www/html/snortcenter-release/rules";
/* Insert you Oinkcode from Sourcefire here. */
$SOURCEFIRE_OINKCODE="Enter your Oinkcode here";
$SOURCEFIRE_VERSION="2.3";
---8<---
I attached to patch for rule_combine to work with this.
Best Regards,
Dirk
