Exemplo n.º 1
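    def _make_rule(self, **kwargs):
        """Build a SnortRule from optional fields, store it and log it.

        Recognised keyword arguments, all optional: ``protocol``,
        ``dst_port``, ``content``, ``uricontent`` and ``ref``.  A value of
        ``None`` leaves the matching attribute of the new rule untouched;
        any other keyword is ignored.

        ``ref`` is indexed as ``ref[0]`` and that element is split on
        commas; its last field is handed to ``self._log_rules`` together
        with the rule.  When ``ref`` is missing or empty, ``None`` is
        passed instead of raising after the rule was already stored.

        The rule is appended to ``self.rules``; nothing is returned.
        """
        rule = SnortRule()
        # The double quotes are part of the stored value.
        rule.msg = '"Trojan.Gen"'

        protocol = kwargs.get('protocol')
        dst_port = kwargs.get('dst_port')
        content = kwargs.get('content')
        uricontent = kwargs.get('uricontent')
        ref = kwargs.get('ref')

        if protocol is not None:
            rule.protocol = protocol
        if dst_port is not None:
            rule.dst_port = dst_port
        # NOTE(review): content and uricontent are stored exactly as given.
        # If they originate from analysed samples, confirm that SnortRule
        # escapes rule metacharacters (quote, semicolon, backslash) when it
        # renders the rule text.
        if content is not None:
            rule.content = content
        # A bare '/' is skipped -- presumably because it would match every
        # request; confirm with the caller.
        if uricontent is not None and uricontent != '/':
            rule.uricontent = uricontent
        if ref is not None:
            rule.ref = ref
        # NOTE(review): no sid is assigned in this method; Snort identifies
        # rules by sid, so confirm that it is set elsewhere before the rule
        # is emitted.

        self.rules.append(rule)

        # ref is optional above, so it must not be dereferenced blindly here.
        # NOTE(review): _log_rules is not visible from this method; confirm
        # that it accepts None as its second argument.
        log_tag = ref[0].split(',')[-1] if ref else None
        self._log_rules(rule, log_tag)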
Exemplo n.º 2
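    def _make_rule(self, **kwargs):
        """Create a SnortRule, fill in the fields supplied, store and log it.

        Optional keyword arguments read here: ``protocol``, ``dst_port``,
        ``content``, ``uricontent`` and ``ref``.  Each one that is not
        ``None`` is copied onto the rule attribute of the same name, except
        that a ``uricontent`` equal to ``'/'`` is dropped.  Other keywords
        are ignored.

        The last comma-separated field of ``ref[0]`` is passed to
        ``self._log_rules`` with the rule; ``None`` is passed when ``ref``
        is absent or empty, so a call without ``ref`` no longer fails after
        the rule has been appended to ``self.rules``.

        Returns nothing.
        """
        rule = SnortRule()
        # The value keeps its surrounding double quotes.
        rule.msg = '"Trojan.Gen"'

        # Same assignment order as the attributes are listed.
        # NOTE(review): values are copied verbatim; if content/uricontent
        # come from untrusted samples, check that SnortRule escapes quote,
        # semicolon and backslash characters when rendering the rule.
        for field in ('protocol', 'dst_port', 'content', 'uricontent', 'ref'):
            value = kwargs.get(field)
            if value is None:
                continue
            if field == 'uricontent' and value == '/':
                # Presumably too generic to be a useful match -- confirm.
                continue
            setattr(rule, field, value)

        # NOTE(review): this method never sets a sid; Snort identifies rules
        # by sid, so verify it is assigned before the rule is written out.

        self.rules.append(rule)

        ref = kwargs.get('ref')
        if ref:
            log_tag = ref[0].split(',')[-1]
        else:
            # NOTE(review): _log_rules is defined outside this view; confirm
            # that None is an acceptable second argument.
            log_tag = None
        self._log_rules(rule, log_tag)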