Re: Snort 2.8 Beta Available on CVS

[Dirk Geschke <Dirk_Geschke () genua de>]

Hi Justin,

> Unified2 supports IPv6.

yes, but this does not answer the question how this will fit in 
the database.

I guess barnyard is not able to work with unified2, or? And if so there
is still the question how (or where) to insert IPv6 alerts.

Maybe we have to extend the database scheme by an IpHdr6 table and a field
where we mention which IP version belongs to the alert so that we can check
the right tables? And I think we need also fields for header extensions...

I think this is not a big deal but one has to find a scheme which can be
used by all and should not break with the old one. Or we schould create
a complete new scheme?

Best regards

Dirk



-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >>  http://get.splunk.com/
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users