Chapter 29 IDP
Table 138 ZyWALL - Snort Equivalent Terms (continued)
ZYWALL TERM | SNORT EQUIVALENT TERM |
Flow | flow |
|
|
Flags | flags |
|
|
Sequence Number | seq |
|
|
Ack Number | ack |
|
|
Window Size | window |
|
|
Transport Protocol: UDP | (In Snort rule header) |
|
|
Port | (In Snort rule header) |
|
|
Transport Protocol: ICMP |
|
|
|
Type | itype |
|
|
Code | icode |
|
|
ID | icmp_id |
|
|
Sequence Number | icmp_seq |
|
|
Payload Options | (Snort rule options) |
|
|
Payload Size | dsize |
|
|
Offset (relative to start of payload) | offset |
|
|
Relative to end of last match | distance |
|
|
Content | content |
|
|
nocase | |
|
|
Decode as URI | uricontent |
|
|
"Not all Snort functionality is supported in the ZyWALL.
444 |
| |
ZyWALL USG 1000 User’s Guide |
| |
|
|
|