[Snort-devel] on module code

Todd Lewis tlewis at ...120...
Fri Dec 8 23:42:27 EST 2000


Before I forget, the patch also includes generic module handling code
that I am working on.  It basically consists of a routine to which you
pass a list of directories, a symbol name, and a callback.  The routine
will search those directories for any module files that have that symbol
in them and will return the symbol to the callback.  Thus, for each
thing that you want to modularise, you just have a different directory
(or set of directories, one standard, one local, one per user, whatever)
for each kind of module.  E.g., in the paengine code I will say:

	char **dirs = {
		"/usr/lib/snort/modules/paengine/",
		"/usr/local/lib/snort/modules/paengine/",
		"~/.snort/modules/paengine/",
		NULL
	}

	get_modules(dirs, "snort_paengine", pa_callback);

While, if we were to modularise the action code, we could say

	char **dirs = {
		"/usr/lib/snort/modules/actions/",
		"/usr/local/lib/snort/modules//actions",
		"~/.snort/modules/actions/",
		NULL
	}

	get_modules(dirs, "snort_action", ac_callback);

The code in module.c can be #ifdef'd to support different module systems,
and then we're all done with modules.

I've done module systems like this before, so I thought that I would throw
this together.  If people like this approach, maybe with suggestions,
then I can pursue it.

--
Todd Lewis                                       tlewis at ...120...

  God grant me the courage not to give up what I think is right, even
  though I think it is hopeless.          - Admiral Chester W. Nimitz


More information about the Snort-devel mailing list