[Snort-devel] Stderr instead of stdout in DropStats().

Andreas Östling andreaso at ...387...
Sat Mar 2 07:48:13 EST 2002


Is there any clever reason why the output from DropStats() is printed to
stdout instead of stderr when running Snort in -r mode?
If not, here is a suggested patch against 1.9-dev.
(Sometimes I really like sending the stats to /dev/null when using -r.)

Regards,
Andreas Östling



--- util.c.orig	Sun Feb 24 18:55:37 2002
+++ util.c	Sat Mar  2 15:51:27 2002
@@ -755,7 +755,7 @@
      *                */
     if(pv.readmode_flag)
     {
-        puts("\n\n===============================================================================\n");
+        fputs("\n\n===============================================================================\n", stderr);

 	/* this wildass line adjusts for the fragment reassembly packet injecter */
 	recv = (float) (pc.tcp
@@ -772,35 +772,35 @@

         drop = 0;

-        printf("Snort processed %d packets.\n", (int) recv);
+        fprintf(stderr, "Snort processed %d packets.\n", (int) recv);

-        puts("Breakdown by protocol:                Action Stats:\n");
-        printf("    TCP: %-10ld (%.3f%%)%-*sALERTS: %-10ld\n",
+        fputs("Breakdown by protocol:                Action Stats:\n", stderr);
+        fprintf(stderr, "    TCP: %-10ld (%.3f%%)%-*sALERTS: %-10ld\n",
                 pc.tcp, CalcPct((float) pc.tcp, recv + drop),
                 CalcPct((float)pc.tcp,recv + drop)<10?10:9 , " ", pc.alert_pkts);
-        printf("    UDP: %-10ld (%.3f%%)%-*sLOGGED: %-10ld\n",
+        fprintf(stderr, "    UDP: %-10ld (%.3f%%)%-*sLOGGED: %-10ld\n",
                 pc.udp, CalcPct((float) pc.udp, recv + drop),
                 CalcPct((float)pc.udp,recv + drop)<10?10:9, " ", pc.log_pkts);
-        printf("   ICMP: %-10ld (%.3f%%)%-*sPASSED: %-10ld\n",
+        fprintf(stderr, "   ICMP: %-10ld (%.3f%%)%-*sPASSED: %-10ld\n",
                 pc.icmp, CalcPct((float) pc.icmp, recv + drop),
                 CalcPct((float)pc.icmp,recv + drop)<10?10:9, " ", pc.pass_pkts);
-        printf("    ARP: %-10ld (%.3f%%)\n", pc.arp, CalcPct((float) pc.arp, recv + drop));
-        printf("   IPv6: %-10ld (%.3f%%)\n", pc.ipv6, CalcPct((float) pc.ipv6, recv + drop));
-        printf("    IPX: %-10ld (%.3f%%)\n", pc.ipx, CalcPct((float) pc.ipx, recv + drop));
-        printf("  OTHER: %-10ld (%.3f%%)\n", pc.other, CalcPct((float) pc.other, recv + drop));
-        printf("===============================================================================\n");
-        printf("Fragmentation Stats:\n");
-        printf("Fragmented IP Packets: %-10ld (%-3.3f%%)\n", pc.frags, CalcPct((float) pc.frags, recv + drop));
-        printf("   Rebuilt IP Packets: %-10ld\n", pc.rebuilt_frags);
-        printf("   Frag elements used: %-10ld\n", pc.rebuild_element);
-        printf("Discarded(incomplete): %-10ld\n", pc.frag_incomp);
-        printf("   Discarded(timeout): %-10ld\n", pc.frag_timeout);
-        puts("===============================================================================\n");
-        printf("TCP Stream Reassembly Stats:\n");
-        printf("   TCP Packets Used:      %-10ld (%-3.3f%%)\n", pc.tcp_stream_pkts, CalcPct((float) pc.tcp_stream_pkts, recv + drop));
-        printf("   Reconstructed Packets: %-10ld (%-3.3f%%)\n", pc.rebuilt_tcp,CalcPct((float) pc.rebuilt_tcp, recv + drop));
-        printf("   Streams Reconstructed: %-10ld\n", pc.tcp_streams);
-        puts("===============================================================================\n");
+        fprintf(stderr, "    ARP: %-10ld (%.3f%%)\n", pc.arp, CalcPct((float) pc.arp, recv + drop));
+        fprintf(stderr, "   IPv6: %-10ld (%.3f%%)\n", pc.ipv6, CalcPct((float) pc.ipv6, recv + drop));
+        fprintf(stderr, "    IPX: %-10ld (%.3f%%)\n", pc.ipx, CalcPct((float) pc.ipx, recv + drop));
+        fprintf(stderr, "  OTHER: %-10ld (%.3f%%)\n", pc.other, CalcPct((float) pc.other, recv + drop));
+        fputs("===============================================================================\n", stderr);
+        fputs("Fragmentation Stats:\n", stderr);
+        fprintf(stderr, "Fragmented IP Packets: %-10ld (%-3.3f%%)\n", pc.frags, CalcPct((float) pc.frags, recv + drop));
+        fprintf(stderr, "   Rebuilt IP Packets: %-10ld\n", pc.rebuilt_frags);
+        fprintf(stderr, "   Frag elements used: %-10ld\n", pc.rebuild_element);
+        fprintf(stderr, "Discarded(incomplete): %-10ld\n", pc.frag_incomp);
+        fprintf(stderr, "   Discarded(timeout): %-10ld\n", pc.frag_timeout);
+        fputs("===============================================================================\n", stderr);
+        fputs("TCP Stream Reassembly Stats:\n", stderr);
+        fprintf(stderr, "   TCP Packets Used:      %-10ld (%-3.3f%%)\n", pc.tcp_stream_pkts, CalcPct((float) pc.tcp_stream_pkts, recv + drop));
+        fprintf(stderr, "   Reconstructed Packets: %-10ld (%-3.3f%%)\n", pc.rebuilt_tcp,CalcPct((float) pc.rebuilt_tcp, recv + drop));
+        fprintf(stderr, "   Streams Reconstructed: %-10ld\n", pc.tcp_streams);
+        fputs("===============================================================================\n", stderr);

     }
     else





More information about the Snort-devel mailing list