The depth keyword allows the rule writer to specify how far into a packet Snort should search for the specified pattern. depth modifies the previous `content' keyword in the rule.
A depth of 5 would tell Snort to only look for the specified pattern within the first 5 bytes of the payload.
As the depth keyword is a modifier to the previous content keyword, there must be a content in the rule before depth is specified.
This keyword allows values greater than or equal to the pattern length being searched. The minimum allowed value is 1. The maximum allowed value for this keyword is 65535.
The value can also be set to a string value referencing a variable extracted by the byte_extract keyword in the same rule.