[Snort-devel] ATTN: need testers willing to give statistics!

Ian Macdonald secsnortdev at ...1490...
Thu Aug 8 07:10:03 EDT 2002


Chris says that the code is dependent on some stuff that is not available on
win32, unless anyone has some bright ideas I am going to drop trying to get
this to run on win32.

Here is what I found.

The UINT64 should probably be defined as __int64

I have updated my source to use __int64 instead of long long

also changed typedef unsigned __int64, UINT64 *PUINT64; to
typedef unsigned __int64 *PUINT64; in perf.h

and changed the #include <sys/time.h>  to

#ifndef WIN32
#include <sys/time.h>
#endif /* !WIN32 */

in pref.h

I am still getting some other compile errors about rusage and getrusage

C:\Ian Macdonald\src\snort\snort\src\perf-base.c(67) : error C2079: 'rusage'
uses undefined struct 'rusage'
C:\Ian Macdonald\src\snort\snort\src\perf-base.c(69) : warning C4013:
'getrusage' undefined; assuming extern returning int
C:\Ian Macdonald\src\snort\snort\src\perf-base.c(69) : error C2065:
'RUSAGE_SELF' : undeclared identifier
C:\Ian Macdonald\src\snort\snort\src\perf-base.c(71) : error C2224: left of
'.ru_utime' must have struct/union type
C
....

Any thoughts?

Ian

----- Original Message -----
From: "Chris Green" <cmg at ...402...>
To: "Ian Macdonald" <secsnortdev at ...1490...>
Sent: Thursday, August 08, 2002 7:52 AM
Subject: Re: [Snort-devel] ATTN: need testers willing to give statistics!


> Ian Macdonald <secsnortdev at ...1490...> writes:
>
> > Are you looking for all the plugins being switched on? I tend to remove
> > the asn.1 because of false postives from snmp. Would logging to a
database
> > have any impact on the results?
> >
>
> No. Just whatever you are comfortable with in your environment.
>
> I want to see the alert rates and traffic flows.
>
> Since this is a test run of snort, adding -A none -N  to the command
> line is probably useful to disable logging.
> --
> Chris Green <cmg at ...402...>
> I've had a perfectly wonderful evening. But this wasn't it.
>      -- Groucho Marx
>





More information about the Snort-devel mailing list