Unless I’m just not seeing it, there isn’t a way to differentiate alerts from drops with BASE for snort.  They all appear the same, and unless you know the the sid or the .rules file, all the information looks the same.  To help alleviate this, and give users the abillity to see rules that are dropping packets at a glance, I decided to task Oinkmaster.pl with this job.  Adding the phrase “DROPPED” to the end of the “msg:” section of the signature will make it appear that way in BASE and Aanval can now send an email whenever one of these rules are kicked off.
To do so simply add the following to your oinkmaster.conf file:

modifysid sid or rule “(.*msg:\s*”.+?)”(\s*;.+;)” | “${1}, DROPPED”${2}”

One of my biggest peeves about Snort and running it inline is having to restart the Snort process to load new rules.  This had me worried with putting snort into production as it would make it awfully hard to tweak it while live.

Today I was browsing the Snort manual and found two short paragraph’s relating to the “–enable-reload” option.  Wha?  Why didn’t I find this earlier?  After a quick recompile with the “–enable-reload” command.  What a life saver this will be when we go live!

After using that option, you can simply issue a “kill -SIGHUP pid” to have it reload without restarting!

Check out the pg 107 of the Snort manual though, as some changes require a restart, so your not going to get off completely scott free.

Boy, when I started down the process of trying to get an IPS system setup, I had no idea what I was getting myself into.  I’m not much of a security guy or a linux guy, but I thought I’d give it a go.  I followed many different guides that all worked great for me, and thank you to those who put the following guides together: http://ubuntuforums.org/showthread.php?t=919472,  http://www.openmaniak.com/inline.php,  http://forum.learnit.vn/showthread.php?p=7007

If you have information you’d like to share and include in The Hatch, please feel free to use the link at the top of the page titled “Submit Hatch Information”.  You will be presented with a form asking for the state, river name, bug, and month’s you’ll find the bug hatching. These updates will be included in periodic updates to the app.

Thanks everyone.

After the purchase of a new MacBook Pro about a year ago, I thought you know what?  I’m going to try and develop an app.  I hadn’t seen anything related to fly fishing and thought maybe I could create an app that provides a hatch chart for rivers across the US!

Working on a new feature as I can find the time.  I think you’ll all enjoy it.

Waiting for the new version has been like having to wait for the salmonflys on the Deschutes!  It’s finally here again and I’m really excited about the new release!  Make sure to check out the updated version of The Hatch 2 for your iPhone or iPod Touch!  Version 2.0.4 boasts a new logo and PICTURES, and lots of them!

You can find it over on iTunes: http://www.itunes.com/apps/thehatch

Make sure you check out the new website for the app over at http://www.thehatchapp.com

An update to the lite version will be coming shortly, so hang in there.

Some of you may have noticed “The Hatch” isn’t on the app store right now, well, your right.  Unfortunately I had to pull it from the App Store due to an issue with the logo.  A new version has been submitted to Apple, and now it’s just the waiting game until it’s approved.

Sorry for the inconvenience, it should be resolved shortly.  I think most everyone will be very excited for the next version 2.0.4….can anyone say “pictures”?

Over the past couple weeks there has been a number of blogs and sites mentioning The Hatch 2.  It’s certainly fun to see that people are enjoying it enough and willing to take a good look at it!  Many of these are great blogs that certainly deserve a spot on your RSS feed if not already!

The following is a list of where you can find various reviews and posts:

http://www.flyfishingnotes.com/2009/08/20/hatch-2-0-ipod-and-iphone-app/

http://www.paflyfish.com/modules/smartsection/item.php?itemid=102

http://thesierranevadas.com/?cat=6

http://wcflies.com/blog/2009/08/yeah-theres-an-app-for-that/

http://www.otterbox.com/employee-spotlight-mary-knaus/

http://www.dsflyfishing.com/fishing-blog/the-hatch-2-fly-fishing-app-for-iphone.html

http://www.kiene.com/forums/showthread.php?t=17442

http://www.moldychum.com/home-old/2009/10/6/hatch-chart-app-on-itunes.html

http://eastcoastangler.blogspot.com/2009/10/best-iphone-fly-fishing-app-hatch.html

http://www.facebook.com/fishpond.usa?ref=mf

http://blog.fishykid.org/10/07/2009/112

http://thefiberglassmanifesto.blogspot.com/2009/10/iphone-hatch-app.html

http://thenorthernangler.blogspot.com/2009/10/hatch-2-for-iphone.html

http://flyfishingsherpa.com/the-hatch-2-for-fly-fishing-theres-an-iphone-app-for-that/

http://mouching.wordpress.com/2009/11/14/la-bonne-mouche-est-au-bout-du-fil/

There is a new front page for The Hatch 2!

Check out http://www.thehatchapp.com

A blog dedicated to The Hatch 2 will be coming along in the future.