Qual è l'intervallo di valori per il parametro 'priority' in una regola Snort? La documentazione non lo rende chiaro:
The priority tag assigns a severity level to rules. A classtype rule assigns a default priority (defined by the config classification option) that may be overridden with a priority rule. Examples of each case are given below.
Format
priority:<priority integer>;
Examples
alert tcp any any -> any 80 (msg:"WEB-MISC phf attempt"; flags:A+; \ content:"/cgi-bin/phf"; priority:10;)
alert tcp any any -> any 80 (msg:"EXPLOIT ntpdx overflow"; \ dsize:>128; classtype:attempted-admin; priority:10 );