[Snort-devel] spp_portscan logging patch

Erich Meier Erich.Meier at ...2...
Tue Dec 5 06:25:51 EST 2000


Hi!

Here is a patch to spp_portscan.c to correct the alert and log functions.
Without the patch, the subsystem logs the current packet which is largely
misleading.

-----
Index: spp_portscan.c
===================================================================
RCS file: /cvsroot/snort/snort/spp_portscan.c,v
retrieving revision 1.18
diff -r1.18 spp_portscan.c
933,934c933,934
<   CallAlertFuncs(p, logMessage, NULL);
<   CallLogFuncs(p, logMessage, NULL);
---
>   CallAlertFuncs(NULL, logMessage, NULL);
>   CallLogFuncs(NULL, logMessage, NULL);
958,959c958,959
<    CallAlertFuncs(p, logMessage, NULL);
<    CallLogFuncs(p, logMessage, NULL);
---
>    CallAlertFuncs(NULL, logMessage, NULL);
>    CallLogFuncs(NULL, logMessage, NULL);
-----

Erich



More information about the Snort-devel mailing list