RE: Snort &postgresql (possibly stupid question department)

[Mark Forsyth <forsythm () optushome com au>]

Hi folks,

         Thanks for all the replies. I've had a few private e-mails all 
saying essentially the same thig. I'm currently rebuilding postgres with 
PLPerl which seems to me to be the way to go for my usage...

Ooroo
Mark F...


On Monday, October 22, 2001 6:45 PM, Roberto Suarez Soto 
[SMTP:robe () alfa21 com] wrote:
> On Oct/22/2001, Mark Forsyth wrote:
>
> > Hiya,
> >      Maybe I've lost the plot completely but.. Snort stores IP 
addresses (
> > Ip_src & ip_dst ) in the iphdr table as a bigint so a select of that 
table
> > returns ...:-
>
>       As I parse the data from the DB with Perl, I made a quick dirty
> function to parse a bigint into a "normal" IP address. Maybe it's useful 
:-)
> sub bigint2ip ($)
> {
>         my $bigint = shift;
>         my $ip = "";
>         my $tmp = $bigint;
>
>         for (my $i=32; $i > 0; $i-=8) {
>                 $ip = ($tmp & 255) . ".$ip";
>                 $tmp = $tmp >> 8;
>         }
>
>         chop($ip);
>         return $ip;
> }
>
>       I guess it's trivial to "port" it to any another language. But I'm
> also sure that there are better ways to do it :-)
>
> --
> Roberto Suarez Soto                                   Alfa21 Outsourcing
>     robe () alfa21 com                                     http://www.alfa21.com
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users