Snort mailing list archives

Previous By Date Next
Previous By Thread Next

SnortSP: adding analyzer

From: Tako Chanz <tako_chanz () hotmail com>
Date: Thu, 23 Jun 2011 21:34:09 +0000

Hi all,

I need some help on understanding SnortSP.

using the dummy lua analyzer(snort_funcs.lua in the etc folder) for example and my questions are:

1. How to get SnortSP to load and run this analyzer at startup?
2. with function lua_analyzer (buf, offset, proto, dport),
     1. is the param args feed by the framework?
     2. what is offset and buf point to?

Is there any more documentation on how to create analyzer in lua?


Thank you all guru!
Tako,
                                          
------------------------------------------------------------------------------
Simplify data backup and recovery for your virtual environment with vRanger.
Installation's a snap, and flexible recovery options mean your data is safe,
secure and there when you need it. Data protection magic?
Nope - It's vRanger. Get your free trial download today.
http://p.sf.net/sfu/quest-sfdev2dev
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Previous By Date Next
Previous By Thread Next

Current thread: