[Snort-devel] Weekend patches

Martin Roesch roesch at ...48...
Sun Oct 29 12:52:18 EST 2000


Hi guys,
    I've done a bit of coding this weekend and added or fixed a bunch of stuff
in CVS.  Right now, I've got the snprintf code working (apparently) on all
platforms in the house (Sparc, Alpha, x86,
Linux/OpenBSD/FreeBSD/Solaris/Tru64), so that little hurdle has been jumped. 
I integrated Chris Cramer's checksumming code into the system this morning,
but there's a problem.  The checksums for the IP headers are working fine, but
the transport checksums *always* come back bad (compile with -DDEBUG to see it
in action).
     I've also gone thru the decoder and converted all data types to explicit
bit widths to avoid confision on 64-bit architectures (Alpha), as well as
going through and updating a lot of comments in the decode.c file.  There's a
bunch of other stuff that's been tweaked as well, here's the list:

Stuff added/fixed this weekend:
* Chris Cramer's Checksum patches
* snprintf on Tru64
* configure script for snprintf inclusion
* Tighter bitwise specific types for decoders (for 64-bit decoding on Alpha)
* tcpdump plugin cleans up log file if no data has been written to log before
shutdown (no more 24-byte files laying around the hard drive)
* re-indented decode.c file
* updated comments in decode.c
* touched up plugbase.h to fix header file includes for the ioctls that are
being called
* UID=0 check added at startup time, Snort doesn't allow non-root users to
even get started

Problems:
* Transport layer checksumming doesn't work right currently
* XML plugin won't compile on OpenBSD due to some problem with rsa.h

Jed, XML isn't compiling correctly on OpenBSD right now, if you want to give
it a try you can log into elric and try your hand at fixing it.

     -Marty

-- 
Martin Roesch
roesch at ...48...
http://www.snort.org



More information about the Snort-devel mailing list