List of rule options

[Frank Knobbe <fknobbe () knobbeits com>]

Greetings,

is there somewhere a list of rule options for 1.9 and 2.0? I'm trying to
clean up and backport the Snort-Current rules to 1.9, but I need to now
which options are or are not supported (Can you tell I have been out of
the loop for a bit?)

So far I have byte_test and byte_jump as two options that are valid in
Snort 2.0 but not 1.9. While running a diff against Snort_1_9 rules
o(from CVS) and Snort-current, I see a lot of other changes. For
example, the flags: option is being replaced with flow: option. Is flow
available in Snort 1.9 (My guess is yes, but I want to make sure). Are
there are other options, or is there a chart that outlines allowed
options for each Snort version?

Thanks,
Frank

Attachment: signature.asc
Description: This is a digitally signed message part