Path: csiph.com!x330-a1.tempe.blueboxinc.net!newsfeed.hal-mli.net!feeder1.hal-mli.net!news.linkpendium.com!news.linkpendium.com!news.iecc.com!nerds-end
From: Tony Finch <dot@dotat.at>
Newsgroups: comp.compilers
Subject: Re: Inverse grep
Date: 13 Jun 2011 17:48:13 +0100 (BST)
Organization: dotat labs
Lines: 17
Sender: news@iecc.com
Approved: comp.compilers@iecc.com
Message-ID: <11-06-021@comp.compilers>
References: <11-06-015@comp.compilers> <11-06-018@comp.compilers>
NNTP-Posting-Host: news.iecc.com
X-Trace: gal.iecc.com 1308093967 16633 64.57.183.58 (14 Jun 2011 23:26:07 GMT)
X-Complaints-To: abuse@iecc.com
NNTP-Posting-Date: Tue, 14 Jun 2011 23:26:07 +0000 (UTC)
Keywords: lex
Posted-Date: 14 Jun 2011 19:26:07 EDT
X-submission-address: compilers@iecc.com
X-moderator-address: compilers-request@iecc.com
X-FAQ-and-archives: http://compilers.iecc.com
Xref: x330-a1.tempe.blueboxinc.net comp.compilers:147

Chris F Clark <cfc@shell01.TheWorld.com> wrote:
>
>Actually, most "intrusion detection systems" (IDSes, e.g. Snort) and
>virus scanners (e.g.  ClamAV) are essentially just that.  Given a
>packet, the contents of the packet are inspected to see which if any
>patterns are matched and if so, the relevant pattern [numbers] are
>reported.

Another tool to look at is re2c which can be used with SpamAssassin to
compile its rule regexes.

Tony.
--
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/
Faeroes, South-east Iceland: Variable 3 or 4 becoming north or northwest 4 or
5. Moderate. Occasional rain. Moderate or good.