[Snort-devel] Update for the 1.9 manual

Ian Macdonald secsnortdev at ...1490...
Wed Oct 2 14:36:59 EDT 2002


It is probably worth noting that there is another argument for portscan2,
the log option. This should specify the name of the log file that port scans
details will be logged

Here is a little patch for ParseScanmungeArgs in spp_portscan2.c, sorry for
it not being a patch, kinda hard to do on a wintel box. It allows a full
path to be specified on a Win32 box. The idea being that it is checking for
the : in the C:\ rather than the first \ in /usr/local/snort.

#ifdef WIN32
     if (stoks[1][1] == ':')
      strncpy (logpath, stoks[1], STD_BUF);
#else
     if (stoks[1][0] == '/')
      strncpy (logpath, stoks[1], STD_BUF);
#endif
     else
     {
      strncpy(logpath, pv.log_dir, STD_BUF);
                     strncat(logpath, "/", 1);
      strncat(logpath, stoks[1], strlen (stoks[1]));
     }
     i++;







More information about the Snort-devel mailing list