Re: Doubt in development

[Russ Combs <rcombs () sourcefire com>]

If you are reading the code:

-- you might start with fpEvalPacket() in src/fpdetect.c and dig in

If you are looking for output:

-- check the manual for config detection: debug* options
-- configure --enable-debug --enable-debug-msgs and export the flags of
interest from snort_debug.h

Ultimately:

-- gdb snort

There is really no better way to get the info you need about the code than
to step through it with a debugger.

Have fun!
Russ

On Thu, Feb 2, 2012 at 5:21 PM, Anju Jyothish <anjupanicker.ms () gmail com>wrote:

> Hi,
>
> I have a question. How do the packets know which DFA table to consult for
> pattern matching. Apparently the packet data structure does not hold any
> group id.
>
> Thanks,
> Anju
>
>
> ------------------------------------------------------------------------------
> Keep Your Developer Skills Current with LearnDevNow!
> The most comprehensive online learning library for Microsoft developers
> is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
> Metro Style Apps, more. Free future releases when you subscribe now!
> http://p.sf.net/sfu/learndevnow-d2d
> _______________________________________________
> Snort-devel mailing list
> Snort-devel () lists sourceforge net
> https://lists.sourceforge.net/lists/listinfo/snort-devel
>
> Please visit http://blog.snort.org for the latest news about Snort!
------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!