Snort mailing list archives
Re: Snort3 plugin debugging
From: Russ via Snort-users <snort-users () lists snort org>
Date: Thu, 8 Nov 2018 08:57:25 -0500
You might also consider the module trace facility. The trace_log and trace_logf calls in
src/stream/ip/ip_defrag.cc are a good example. On 11/8/18 8:30 AM, Jianyu Li via Snort-users wrote:
Sorry I didn't read the example code carefully. The LogMessage() is what I want.Thanks again! Jianyu Li ------------------------------------------------------------------------*From:* Snort-users <snort-users-bounces () lists snort org> on behalf of Jianyu Li via Snort-users <snort-users () lists snort org>*Sent:* 08 November 2018 12:16:21 *To:* snort-users () lists snort org *Subject:* Re: [Snort-users] Snort3 plugin debugging Hi Carter, The problem is solved. Thanks again. It seems like there is something wrong with my CMakeLists.txt file.Before I put .c files and .h files in one directory, now I splite them into two directories and add another item in target_include_directories, then it worked!One quick question:Can I print out customized log information during the executiton of snort? For example if I want to check the value of a varaible in my plugin. Is there any function I can use?Thanks, Jianyu Li ------------------------------------------------------------------------*From:* Snort-users <snort-users-bounces () lists snort org> on behalf of Jianyu Li via Snort-users <snort-users () lists snort org>*Sent:* 08 November 2018 09:09 *To:* Carter Waxman (cwaxman); snort-users () lists snort org *Subject:* Re: [Snort-users] Snort3 plugin debugging Hi Carter, Thank you very much for your help! I added the --warn-all and got a warning message:WARNING: /root/snort-3.0.0/lib//snort_extra/inspectors/dpx.so: undefined symbol: asn_DEF_MmsPdu (/root/snort-3.0.0/lib//snort_extra/inspectors/dpx.so)The asn_DEF_MmsPdu is a variable defined in another file, I would like to ask what does the "undefined symbol" mean here, is it something related to the linking issue you mentioned before?Thanks, Jinayu Li ------------------------------------------------------------------------ *From:* Carter Waxman (cwaxman) <cwaxman () cisco com> *Sent:* 07 November 2018 12:45:44 *To:* Jianyu Li; snort-users () lists snort org *Subject:* Re: [Snort-users] Snort3 plugin debugging--warn-all or --warn-plugins should show you what you want. Usually that means there is some sort of linking issue when the plugin is dlopen’d/dlsym’d.- Carter*From: *Snort-users <snort-users-bounces () lists snort org> on behalf of Jianyu Li via Snort-users <snort-users () lists snort org>*Reply-To: *Jianyu Li <jli31 () qub ac uk> *Date: *Wednesday, November 7, 2018 at 5:42 AM *To: *"snort-users () lists snort org" <snort-users () lists snort org> *Subject: *[Snort-users] Snort3 plugin debugging Hi,I added some lines in dpx plugin's dpx.cc and rebuild it successfully. But when I run the snort3 again the dpx plugin didn't show up in the snort summary output anymore, I would like to know if there is any way I can find out what's the problem, for example where I can view the error messages or is there any plugin error log file?Thanks, Jianyu Li _______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users To unsubscribe, send an email to: snort-users-leave () lists snort org Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
_______________________________________________ Snort-users mailing list Snort-users () lists snort org Go to this URL to change user options or unsubscribe: https://lists.snort.org/mailman/listinfo/snort-users To unsubscribe, send an email to: snort-users-leave () lists snort org Please visit http://blog.snort.org to stay current on all the latest Snort news! Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette
Current thread:
- Snort3 plugin debugging Jianyu Li via Snort-users (Nov 07)
- <Possible follow-ups>
- Re: Snort3 plugin debugging Carter Waxman (cwaxman) via Snort-users (Nov 07)
- Re: Snort3 plugin debugging Jianyu Li via Snort-users (Nov 08)
- Re: Snort3 plugin debugging Jianyu Li via Snort-users (Nov 08)
- Re: Snort3 plugin debugging Jianyu Li via Snort-users (Nov 08)
- Re: Snort3 plugin debugging Russ via Snort-users (Nov 08)
- Re: Snort3 plugin debugging Jianyu Li via Snort-users (Nov 08)
- Re: Snort3 plugin debugging Jianyu Li via Snort-users (Nov 08)
- Re: Snort3 plugin debugging Carter Waxman (cwaxman) via Snort-users (Nov 08)
- Re: Snort3 plugin debugging Jianyu Li via Snort-users (Nov 08)