doc: Minor changes in structuring of HTTP Keywords / Snort differences

7 years ago · f6c766112c
parent e9b25988ba
commit f6c766112c
2 changed files with 6 additions and 19 deletions
--- a/doc/userguide/rules/differences-from-snort.rst
+++ b/doc/userguide/rules/differences-from-snort.rst
@ -2,19 +2,12 @@
 Differences From Snort
 ======================

-Overview
--------
 This document is intended to highlight the major differences between Suricata
 and Snort that apply to rules and rule writing.

 Where not specified, the statements below apply to Suricata.  In general,
 references to Snort refer to the version 2.9 branch.

-Contents
--------
-
-.. contents::
-
 Automatic Protocol Detection
 ----------------------------

--- a/doc/userguide/rules/http-keywords.rst
+++ b/doc/userguide/rules/http-keywords.rst
@ -1,5 +1,3 @@
-:tocdepth: 2
-
 HTTP Keywords
 =============
 .. role:: example-rule-emphasis
@ -22,7 +20,7 @@ refresher:

      alert http any any -> any any (http_response_line; content:"403 Forbidden"; sid:1;)

-The following request keywords are available:
+The following **request** keywords are available:

 ============================== ======================== ==================
 Keyword                        Sticky or Modifier       Direction
@ -50,7 +48,7 @@ http_protocol                  Sticky Buffer            Both
 http_header_names              Sticky Buffer            Both
 ============================== ======================== ==================

-The following response keywords are available:
+The following **response** keywords are available:

 ============================== ======================== ==================
 Keyword                        Sticky or Modifier       Direction
@ -70,11 +68,12 @@ http_protocol                  Sticky Buffer            Both
 http_header_names              Sticky Buffer            Both
 ============================== ======================== ==================

+HTTP Primer
+-----------
 It is important to understand the structure of HTTP requests and
 responses. A simple example of a HTTP request and response follows:

-HTTP request
------------
+**HTTP request**

 ::

@ -86,8 +85,7 @@ HEAD, etc. The URI path is ``/index.html`` and the HTTP version is
 the versions 0.9, 1.0 and 1.1, 1.0 and 1.1 are the most commonly used
 today.

-HTTP response
-------------
+**HTTP response**

 ::

@ -178,10 +176,6 @@ Example of the purpose of ``http_uri``:

 .. image:: http-keywords/uri.png

-Example of the purpose of ``http_raw_uri``:
-
-#.. image:: http-keywords/raw_uri.png
-
 uricontent
 ----------