Snort mailing list archives
SNORT compilation in ECLIPSE
From: patricio <paponcio6 () gmail com>
Date: Mon, 28 Jan 2013 17:47:42 -0300
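/*
 * Original post: "Does anyone know how do I compile the following code in
 * Eclipse? Thank you."
 *
 * Reader for Snort's UNIX-socket alert output. It binds a datagram socket at
 * UNSOCK_FILE, receives Alertpkt records and prints the alert message plus
 * the addresses (and ports, or ICMP type/code) of the packet that triggered
 * the alert.
 *
 * Build note: "snort.h" is not a system header, so the directory that holds
 * it has to be on the compiler's include path. Alertpkt, Packet, EtherHdr,
 * IPHdr, TCPHdr, UDPHdr, ICMPHdr, UNSOCK_FILE and NOPACKET_STRUCT are all
 * expected to come from the Snort headers -- NOTE(review): confirm that
 * snort.h alone pulls in every one of them for the Snort version in use.
 *
 * Security note: the socket is a filesystem object. Any local process that
 * is allowed to write to it can send datagrams to this reader, so every
 * length and offset taken from a received record is checked before use.
 * Restrict access to the socket's directory to the account Snort runs as.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <signal.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include "snort.h"

/* Listening socket; file scope so the signal handler can close it. */
int sockfd;

/*
 * SIGINT handler: announce shutdown, close the socket, remove the socket
 * file and terminate with status 1.
 *
 * Only async-signal-safe calls are used here (write, close, unlink, _exit);
 * printf() and exit() are not safe inside a signal handler.
 */
void sig_term (int sig)
{
    static const char msg[] = "Exiting!\n";

    (void) sig;
    if (write (STDOUT_FILENO, msg, sizeof (msg) - 1) < 0) {
        /* Nothing useful can be done about a failed write at this point. */
    }
    close (sockfd);
    unlink (UNSOCK_FILE);
    _exit (1);
}

/*
 * Return non-zero when a header of `need` bytes starting at offset `off`
 * lies entirely inside a buffer of `total` bytes. Written so that the
 * arithmetic cannot wrap.
 */
static int hdr_fits (size_t off, size_t need, size_t total)
{
    return off <= total && need <= total - off;
}

/*
 * Bind the alert socket and print one line (or two, when packet headers are
 * available) per alert until recvfrom() fails.
 *
 * Returns 1 after a recvfrom() error; other fatal errors exit(1) directly.
 */
int main (void)
{
    struct sockaddr_un snortaddr;
    struct sockaddr_un bogus;
    Alertpkt alert;
    Packet *p = NULL;
    ssize_t nrecv;
    socklen_t len;
    int n;
    /* Capacity of the packet buffer inside the alert record; assumes
     * alert.pkt is an array member, not a pointer -- confirm against the
     * Alertpkt definition. */
    const size_t pktcap = sizeof (alert.pkt);

    if ((sockfd = socket (AF_UNIX, SOCK_DGRAM, 0)) < 0) {
        perror ("socket");
        exit (1);
    }

    memset (&snortaddr, 0, sizeof (snortaddr));
    snortaddr.sun_family = AF_UNIX;
    /* Bounded copy: sun_path is a small fixed array, so reject a path that
     * does not fit instead of overflowing it with strcpy(). */
    n = snprintf (snortaddr.sun_path, sizeof (snortaddr.sun_path), "%s",
                  UNSOCK_FILE);
    if (n < 0 || (size_t) n >= sizeof (snortaddr.sun_path)) {
        fprintf (stderr, "socket path too long\n");
        close (sockfd);
        exit (1);
    }

    if (bind (sockfd, (struct sockaddr *) &snortaddr,
              sizeof (snortaddr)) < 0) {
        perror ("bind");
        exit (1);
    }

    signal (SIGINT, sig_term);

    for (;;) {
        /* len is a value-result argument and must be reset on every call. */
        len = sizeof (bogus);
        nrecv = recvfrom (sockfd, (void *) &alert, sizeof (alert), 0,
                          (struct sockaddr *) &bogus, &len);
        if (nrecv < 0)
            break;

        /* A datagram that is not exactly one Alertpkt would leave part of
         * `alert` holding stale data from the previous record (or signals a
         * struct layout mismatch with the sender), so skip it. */
        if ((size_t) nrecv != sizeof (alert)) {
            fprintf (stderr, "ignoring datagram of unexpected size (%ld)\n",
                     (long) nrecv);
            continue;
        }

        /* The message is printed with %s below; force termination rather
         * than trusting the sender to have done it. */
        alert.alertmsg[sizeof (alert.alertmsg) - 1] = '\0';

        if (!(alert.val & NOPACKET_STRUCT)) {
            if ((p = calloc (1, sizeof (*p))) == NULL) {
                perror ("calloc");
                exit (1);
            }

            p->pkt = alert.pkt;
            p->pkth = &alert.pkth;

            /* Each offset comes from the received record; a header pointer
             * is set only when the whole header lies inside alert.pkt.
             * Bytes past the captured length are merely not meaningful,
             * they are still inside the buffer. */
            if (alert.dlthdr
                && hdr_fits (alert.dlthdr, sizeof (EtherHdr), pktcap))
                p->eh = (EtherHdr *) (alert.pkt + alert.dlthdr);

            if (alert.nethdr
                && hdr_fits (alert.nethdr, sizeof (IPHdr), pktcap)) {
                p->iph = (IPHdr *) (alert.pkt + alert.nethdr);

                if (alert.transhdr) {
                    switch (p->iph->ip_proto) {
                    case IPPROTO_TCP:
                        if (hdr_fits (alert.transhdr, sizeof (TCPHdr),
                                      pktcap))
                            p->tcph = (TCPHdr *) (alert.pkt + alert.transhdr);
                        break;
                    case IPPROTO_UDP:
                        if (hdr_fits (alert.transhdr, sizeof (UDPHdr),
                                      pktcap))
                            p->udph = (UDPHdr *) (alert.pkt + alert.transhdr);
                        break;
                    case IPPROTO_ICMP:
                        if (hdr_fits (alert.transhdr, sizeof (ICMPHdr),
                                      pktcap))
                            p->icmph =
                                (ICMPHdr *) (alert.pkt + alert.transhdr);
                        break;
                    default:
                        printf ("My, that's interesting.\n");
                        break;
                    } /* switch */
                } /* transhdr */
            } /* nethdr */

            if (alert.data && hdr_fits (alert.data, 0, pktcap))
                p->data = alert.pkt + alert.data;

            /* now do whatever you want with these packet structures */
        } /* if (!NOPACKET_STRUCT) */

        printf ("%s [%d]\n", alert.alertmsg, alert.event.event_id);

        /* p is non-NULL only when this record carried a packet. */
        if (p != NULL && p->iph != NULL) {
            switch (p->iph->ip_proto) {
            case IPPROTO_TCP:
                if (p->tcph != NULL) {
                    /* inet_ntoa() reuses a static buffer, hence one call
                     * per printf(). */
                    printf ("TCP from: %s:%d ", inet_ntoa (p->iph->ip_src),
                            ntohs (p->tcph->th_sport));
                    printf ("to: %s:%d\n", inet_ntoa (p->iph->ip_dst),
                            ntohs (p->tcph->th_dport));
                }
                break;
            case IPPROTO_UDP:
                if (p->udph != NULL) {
                    printf ("UDP from: %s:%d ", inet_ntoa (p->iph->ip_src),
                            ntohs (p->udph->uh_sport));
                    printf ("to: %s:%d\n", inet_ntoa (p->iph->ip_dst),
                            ntohs (p->udph->uh_dport));
                }
                break;
            case IPPROTO_ICMP:
                if (p->icmph != NULL) {
                    printf ("ICMP type: %d code: %d from: %s ",
                            p->icmph->type, p->icmph->code,
                            inet_ntoa (p->iph->ip_src));
                    printf ("to: %s\n", inet_ntoa (p->iph->ip_dst));
                }
                break;
            default:
                break;
            }
        }

        /* The Packet is rebuilt for every alert; release it so a long-lived
         * reader does not leak one allocation per alert. */
        free (p);
        p = NULL;
    }

    /* Reached only when recvfrom() reported an error. */
    perror ("recvfrom");
    close (sockfd);
    unlink (UNSOCK_FILE);
    return 1;
}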