/*
 * Two example rules showing how boolean logic and the "N of" set operator
 * combine string matches in a condition.
 *
 * All strings below are plain text strings with no modifiers, so YARA matches
 * them as case-sensitive ASCII byte sequences anywhere in the scanned data.
 * A differently-cased or UTF-16 ("wide") occurrence will not match unless the
 * nocase / wide modifiers are added.
 * NOTE(review): three-character strings such as "foo" are likely to hit in
 * unrelated content; consider longer strings or `fullword` before using these
 * rules outside of a demonstration.
 */

rule strings_and_things
{
    meta:
        author = "sir"
        date = "20110429"
        type = "String Match"
        description = "Matching strings in content"
        trigger = "true"

    strings:
        $a = "foo"
        $b = "bar"
        $c = "baz"
        $d = "orgle"

    condition:
        /*
         * Fires when "foo" or "orgle" is present on its own, or when "bar"
         * and "baz" are both present. Same truth table as
         * $a or ($b and $c) or $d.
         */
        any of ($a, $d) or all of ($b, $c)
}

rule more_strings_and_things
{
    meta:
        author = "sir"
        date = "20110429"
        type = "String Match"
        description = "Matching any 2 strings in content"
        trigger = "true"

    strings:
        $s1 = "foo"
        $s2 = "bar"
        $s3 = "baz"
        $s4 = "orgle"

    condition:
        /*
         * At least two distinct strings of the set must be found. The
         * wildcard expands to every $s-prefixed string declared above, so
         * this is equivalent to 2 of ($s1,$s2,$s3,$s4).
         */
        2 of ($s*)
}