How to install a VIM syntax file for use editing SNORT rule files.
What is in this directory?
A vim snort syntax file and instructions on how to set vim up to use it.
Why?
To assist in correctly creating a snort rules file.
Requirements:
1. VIM - ViIMproved programmers text editor
http://www.vim.org/
2. Knowledge of, and ability to, modify some vim control files.
On my Debian Linux system:
a. VIM looks for the file ~/.vimrc before falling back to the default
found in /etc/vimrc.
b. VIM runtime control files and documentation can be found in
/usr/share/vim/vim56
% export VIMRUNTIME=/usr/share/vim/vim56
3. The file "hog.vim", for want of a better name (suffix), found in
hog-vim.tgz.
First some instructions to try this thing out.
Get in the directory "hog-vim-1.9" which is defined in the tarfile hog-vim.tgz.
% vim snort.conf
:syntax manual
:so hog.vim
If you want to create html of the rules file (color),
:so $VIMRUNTIME/syntax/2html.vim
Your current window should be the one with the html, save it to a file
for viewing by a web browser.
(If you need to position the cursor in the html window, then just type
CTRL-w a few times until you are there.)
How to install the file hog.vim on a linux system (assumes vim is installed)
a. Insert the following in file $VIMRUNTIME/filetype.vim
" snort rules syntax
au BufNewFile,BufRead *.hog,*.rules,snort.conf set ft=hog
^ ^ ^ note these are names I use
b. Insert the followin in file $VIMRUNTIME/syntax/synload.vim
SynAu hog
c. Copy hog.vim into the syntax directory.
#cp hog.vim $VIMRUNTIME/syntax/hog.vim
d. If necessary, modify your personal vim rc file ~/.vimrc to enable
syntaxhighlighting.
Look for this 3 line section:
"if has("syntax")
" syntax on
"endif
And, if necessary, remove the quote marks at the beginning of the 3 lines.
That should do it. Please send questions, fixes, improvements to: cpw@lanl.gov
Thanks,
Phil