Re: Barnyard and ACID question

[Wozz <wozz+snort () wookie net>]

On Tue, Nov 06, 2001 at 10:14:34PM -0800, Andrew R. Baker wrote:
> Steve Halligan wrote:
> > I am having this problem also.  OpenBSD 2.9-release here.  Barnyard from CVS
> > today.  snort-unified-logfile is attached.
> > I also noticed that sometimes (although not in this logfile, I believe)  the
> > ordering of the source ip address backwards also a.b.c.d becomes d.c.b.a.
> > The dest ip is unaffected.
>
> I have fixed the problem with byteswapped port numbers in the db output
> plugin.  The new code is in CVS.  It was a case where I was converting a
> number that had already been converted.  As for reversed IP addresses, I
> would be interested in seeing the log file where this happens.  I
> checked all of the places where the src IP is inserted and they all look
> okay.  

FWIW, I've never seen this problem, just the port problem consistantly.
Thanks for the fix, I'll upgrade and see how it works.

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users