Trying to add an email plugin

["Michael Scheidell" <scheidell () fdma com>]

I wanted to add an email plugin JUST LIKE  the smb alert plugin.

just for kicks, I took the original alert_smb and edited ONLY THE smbclient
section (put in sendmail -oi)
(well, I also had to increase the buffer since I wasn't getting the whole
alert, lots of headers including X-Priorty: 1)
edited the smb-users-file, (put in scheidell () fdma com) and it worked , I
changed smb alerts to smtp (email ) alerts.

they I wanted to do it right.
I restored the alert_smb file,
copied the spo_alert_smb.c and .h to spo_alert_smtp.c and .h
I edited things like SetupAlertSmb to be SetupAlertSmtp
I changed smbclient -U Nessus -M % to be
sendmail -oi

I added spo_alert.smtp.c and .o to the correct places in the Makefile
I looked in other files for SetupAlertSmb (or ANYthing 'AlertSmb') and
thought I duplicated it as xxxxAlertSmtp'

Compiled it, sendmail is in the binary (strings snort | grep sendmail)
I added alert_smtp to the snort.conf,pointed it to a smtp-users-file with
'scheidell () fdma com' in it
sighuped snort and nothing happened.

so, where else should I look?

--
Michael Scheidell
Florida Datamation, Inc.
scheidell () fdma com 1+(561) 368-9561



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users