Snort mailing list archives
Re: How to get details of Packet data structure
From: Russ Combs <rcombs () sourcefire com>
Date: Mon, 5 Aug 2013 10:20:22 -0400
On Mon, Jul 29, 2013 at 9:51 AM, Saeed Adel Mehraban <s.adel07 () gmail com>wrote:
H i there, I am trying to develop a preprocessor for snort and I need to be familiar with Packet data structure. But I could not find anything in user manual or anywhere else. Also there is not much information in decoder.h (I think that's where Packet fields came from). What can I do?
Take another look at decode.h. That is what defines the Packet struct. If you are creating a dynamic preprocessor, you must use the SFSnortPacket defined in dynamic-plugins/sf_engine/sf_snort_packet.h.
------------------------------------------------------------------------------ Get your SQL database under version control now! Version control is standard for application code, but databases havent caught up. So what steps can you take to put your SQL databases under version control? Why should you start doing it? Read more to find out. http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk _______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
------------------------------------------------------------------------------ Get your SQL database under version control now! Version control is standard for application code, but databases havent caught up. So what steps can you take to put your SQL databases under version control? Why should you start doing it? Read more to find out. http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- How to get details of Packet data structure Saeed Adel Mehraban (Aug 05)
- Re: How to get details of Packet data structure Russ Combs (Aug 05)