Snort mailing list archives
Help Developing Snort "Hello World" Dynamic Preprocessor
From: Fuat Yosanto <mbahe_suro () students ittelkom ac id>
Date: Sat, 31 Jul 2010 13:35:18 +0700
Hi all,

Actually I have a problem when creating my own dynamic-preprocessor. (See my previous email with subject: Linking custom dynamic-preprocessor.) It seems like my dynamic-preprocessor hasn't been executed by Snort (loaded successfully but didn't work). I can't figure out what's wrong with it. Maybe something is missing.

I have tried modifying the Snort dynamic-preprocessor example to do the same process as my dynamic-preprocessor. It works, but it can't satisfy my needs, because of its directory position and a naming problem. So, to understand what the minimum requirements to build a dynamic-preprocessor are, I am looking for basic example code like a "hello world" Snort dynamic-preprocessor.

Here, I have created the prototype of a "hello world" Snort dynamic-preprocessor. The idea is simple: it will log a message when it finds any kind of packet. Additionally, it can identify TCP, UDP, and ICMP packets. Assume that we have done all the setup needed to integrate this dynamic-preprocessor in the Snort sources, such as editing generators.h, preprocids.h, Makefile.am, re-running autotools, etc.
These are the sources:

Directory : src/dynamic-preprocessor/hello

========================
File name : spp_hello.c
========================

#include "preprocids.h"
#include "sf_snort_packet.h"
#include "sf_dynamic_preprocessor.h"
#include "sf_dynamic_preproc_lib.h"
#include "sf_snort_plugin_api.h"
#include "sfPolicy.h"
#include "sfPolicyUserData.h"

#define GENERATOR_SPP_HELLO 230

extern DynamicPreprocessorData _dpd;

static void HelloInit(char *);
static void HelloProcess(void *, void *);

void HelloSetup()
{
    _dpd.registerPreproc("hello", HelloInit);
}

static void HelloInit(char *args)
{
    _dpd.addPreproc(HelloProcess, PRIORITY_TRANSPORT, PP_HELLO,
                    PROTO_BIT__TCP | PROTO_BIT__UDP | PROTO_BIT__ICMP);
}

static void HelloProcess(void *pkt, void *context)
{
    SFSnortPacket *p = (SFSnortPacket *)pkt;

    if(IsTCP(p))
    {
        _dpd.logMsg("Hello : Got TCP packet!\n");
    }
    else if(IsUDP(p))
    {
        _dpd.logMsg("Hello : Got UDP packet!\n");
    }
    else if(IsICMP(p))
    {
        _dpd.logMsg("Hello : Got ICMP packet!\n");
    }
    else
    {
        _dpd.logMsg("Hello : Got unknown packet!\n");
    }
}

===============================
File name : sf_preproc_info.h
===============================

#ifndef SF_PREPROC_INFO_H_
#define SF_PREPROC_INFO_H_

#define MAJOR_VERSION 1
#define MINOR_VERSION 0
#define BUILD_VERSION 1
#define PREPROC_NAME "HelloWorld_Preprocessor"

#define DYNAMIC_PREPROC_SETUP HelloSetup
extern void HelloSetup();

#endif

So here I need help to fix and improve them, because they are still not working. There should be something missing, something wrong, or something unnecessary.

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel