Writing normalizer for snort

[Harry Härpfer <highend () onycs com>]

Hello,

I'm a computer science student and for my bachelor thesis I need to implement BACnet/IP (UDP) support in 
snort. Means to write a normalizer for the BACnet/IP network and application layers (w/o the rules). 

As snort is all new to me it would be of great help if anyone could give me a short overview on how the normalizer code 
works and which parts of the source code would be involved in implementing BACnet/IP support.

I'm not really a professional C programmer therefor extracting these informations from the code is a bit of a hassle 
for me.

Also any links to more specific documentation than the README files and the user manual are welcome.

Thx in advance.


------------------------------------------------------------------------------
November Webinars for C, C++, Fortran Developers
Accelerate application performance with scalable programming models. Explore
techniques for threading, error checking, porting, and tuning. Get the most 
from the latest Intel processors and coprocessors. See abstracts and register
http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!