Hi,
referring to network examples in these sections of docs:
Negated lists
s := `alert tcp any any -> any ![80,443,9000] (msg:"test"; content:"123"; sid:1; rev:1;)`
r, _ := gonids.ParseRule(s)
fmt.Println(r)
outputs
alert tcp any any -> any [![80,443,9000] (msg:"test"; content:"123"; sid:1; rev:1;)
and
s := `alert tcp any any -> ![1.1.1.1,1.1.1.2] any (msg:"test"; content:"123"; sid:1; rev:1;)`
r, _ := gonids.ParseRule(s)
fmt.Println(r)
outputs
alert tcp any any -> [![1.1.1.1,1.1.1.2] any (msg:"test"; content:"123"; sid:1; rev:1;)
which is invalid.
Spaces in network components
Gonids outputs an error when network components contain spaces. Spaces in lists of IPs (ranges)/ports are valid based on the examples in the docs and my experiments.
s := `alert tcp any any -> [1.1.1.1, 1.1.1.2] any (msg:"test"; content:"123"; sid:1; rev:1;)`
_, err := gonids.ParseRule(s)
if err != nil {
    fmt.Println(err)
}
outputs
network component contains spaces: 1.1.1.2] any
The same goes for lists of ports.
Can you please give me any hints where in gonids these issues can be addressed?
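One way to handle both cases reported above, as an added example that is not gonids code and not part of the original post: tokenize the rule header with bracket awareness so a spaced list stays one field, and take the list-level `!` off before the brackets so it is written back outside them. The names `headerFields`, `parseComponent` and `render` are hypothetical, the header in `main` is constructed, and flat (non-nested) lists are assumed when splitting items.

```go
package main

import "fmt"
import "strings"

// headerFields drops spaces inside "[...]" before splitting on whitespace, so
// "[1.1.1.1, 1.1.1.2]" stays one field. Unbalanced brackets are an error.
func headerFields(header string) ([]string, error) {
	var b strings.Builder
	depth := 0
	for i := 0; i < len(header) && depth >= 0; i++ {
		c := header[i]
		if c == '[' {
			depth++
		} else if c == ']' {
			depth--
		}
		if depth == 0 || c != ' ' {
			b.WriteByte(c)
		}
	}
	if depth != 0 {
		return nil, fmt.Errorf("unbalanced brackets in %q", header)
	}
	return strings.Fields(b.String()), nil
}

// parseComponent lifts a list-level "!" off before the brackets; flat lists only (assumption).
func parseComponent(field string) (negated bool, items []string) {
	if negated = strings.HasPrefix(field, "!["); negated {
		field = field[1:]
	}
	return negated, strings.Split(strings.Trim(field, "[]"), ",")
}

// render writes a component back with the "!" outside the brackets.
func render(negated bool, items []string) string {
	s := strings.Join(items, ",")
	if negated || len(items) > 1 {
		s = "[" + s + "]"
	}
	if negated {
		s = "!" + s
	}
	return s
}

func main() {
	fmt.Println(headerFields("alert tcp any any -> [1.1.1.1, 1.1.1.2] ![80, 443,9000]")) // constructed input
}
```

A single negated item such as `!80` is left as an item, so only a negation in front of a bracketed list becomes the list-level flag.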