[Snort-devel] unknown for src and dst IP's. Latest from CVS

Kevin Pietersma kev at ...52...
Tue Jun 19 14:35:54 EDT 2001


Grabbed the source from CVS yesterday to upgrade SNORT and now I have a 
problem.  It appears SNORT is putting NULL into mySQL, in the fields;
ip_src0, ip_src1, ip_src2, ip_src3, ip_dst0, ip_dst1, ip_dst2, ip_dst3


mysql> select * from iphdr where cid=102931;
+-----+--------+-----------+---------+---------+---------+---------+------------+---------+---------+---------+---------+--------+---------+--------+--------+-------+----------+--------+--------+----------+---------+
| sid | cid    | ip_src    | ip_src0 | ip_src1 | ip_src2 | ip_src3 | 
ip_dst     | ip_dst0 | ip_dst1 | ip_dst2 | ip_dst3 | ip_ver | ip_hlen | 
ip_tos | ip_len | ip_id | ip_flags | ip_off | ip_ttl | ip_proto | ip_csum |
+-----+--------+-----------+---------+---------+---------+---------+------------+---------+---------+---------+---------+--------+---------+--------+--------+-------+----------+--------+--------+----------+---------+
|   2 | 102931 | 405449071 |    NULL |    NULL |    NULL |    NULL | 
3630073377 |    NULL |    NULL |    NULL |    NULL |      4 |       5 
|      0 |     28 | 36205 |        0 |      0 |     31 |        1 |   61018 |
+-----+--------+-----------+---------+---------+---------+---------+------------+---------+---------+---------+---------+--------+---------+--------+--------+-------+----------+--------+--------+----------+---------+
1 row in set (0.06 sec)


Is it something I've done?  I've been upgrading the database schema to 
103.  I did this manually since using the create_mysql dies when it finds 
tables that already exist.





More information about the Snort-devel mailing list