external internet/process calls from a preprocessor

[David Cann <dlcann () engmail uwaterloo ca>]

I've got snort 2.4.4 running inline on a dedicated box, and I'm trying 
to use the gethostbyname() function to make a simple DNS call when a set 
of criteria is true. This code is contained in a preprocessor which 
otherwise works fine. When the criteria are satisfied, the DNS call 
invariably fails to work; it doesn't time out, it just fails outright, 
as if it has no access to the internet.

Running the exact same code in a standalone program outside of Snort, 
works fine. So my backup idea was to invoke a standalone program each 
time the criteria is met, and pass arguments back and forth. This 
doesn't seem to work either, it's as if snort disallows such 
functionality, even when running in daemon mode.

I admit I am a terrible, novice C programmer. But can anybody provide 
some insight into either A) snort not being able to make DNS calls from 
a preprocessor, or B) snort not invoking an external process and passing 
arguments?

Thanks in advance,
--Dave


-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users