[Snort-devel] spo_xml patch
roesch at ...402...
Mon Jan 14 11:01:14 EST 2002
I'm cleaning house in snort-current to make way for Snort 2.0. In Snort
2.0 we'll be having very few native output types and using barnyard for
more complex/slow stuff like XML and database output. Nobody but
primary Snort developers should be tracking -current right now, it's
likely broken in a thousand horrible ways and there are big pieces that
have been removed.
> On Sat, Jan 12, 2002 at 12:52:13PM -0500, roman at ...49... wrote:
> > Enclosed is a patch to the xml output plugin to:
> > + properly handle non-IP alerts
> > + properly handle IP packets with a proto=ICMP,UDP,TCP
> > but no corresponding p->icmph,udph,tcph
> > This addresses bug #491771 (xml equivalent of the
> > database bug) and #488742.
> comitted. Just noticed spo_xml.c is not in current btw. (only in
> SNORT_1_8 release).
> PGP fingerprint = 56DD 1511 DDDA 56D7 99C7 B288 5CE5 A713 0969 A4D1
> Snort-devel mailing list
> Snort-devel at lists.sourceforge.net
Martin Roesch - Founder/CEO, Sourcefire Inc. - (410)552-6999
Sourcefire: Professional Snort Sensor and Management Console appliances
roesch at ...402... - http://www.sourcefire.com
Snort: Open Source Network IDS - http://www.snort.org
More information about the Snort-devel