fwsnort translates snort rules into an equivalent iptables ruleset. By making use of the iptables string match module, fwsnort can detect application layer signatures which exist in many snort rules. fwsnort adds a --hex-string option to iptables, which allows snort rules that contain hex characters to be input directly into iptables rulesets without modification. In addition, fwsnort makes use of the IPTables::Parse Perl module in order to (optionally) restrict the snort rule translation to only those rules that specify traffic that could potentially be allowed through an existing iptables policy. License: GNU General Public License (GPL) Changes: A major signature update from Bleeding Threats. This update includes a large number of new signatures with PCRE statements, with an emphasis on detecting SQL injection attacks directed at internal Web servers from external sources. The ability to interpret PCRE statements that include simple string matches separated by ".*" and ".+" as multiple iptables string matches has been added. The asn1 keyword has been added to the unsupported list.

	Read more at FreshMeat
	www.pheedo.com/click.phdo?i=4f60ed7982bf032f82955e22078e29f9