[Snort-devel] Fwd: Want to understand the control flow of Snort
Dirk_Geschke at ...802...
Tue Nov 29 00:12:08 EST 2005
> I am trying to implement a worm detection algorithm as a snort plugin,
> But was unable to find out how should I go about modifying the source code,
> I was not able to find the main function!!!!!!!!!!!!!!!!!!!!
> i was able to find the structure and varibles for all the packet informatio=
> I would require .
> But it is imperitive for me to know the main function for the program
how about line 182 of snort.c?
geschke$ grep -n "int main" snort-2.4.3/src/snort.c
182:int main(int argc, char* argv)
You should also take a look at line 101 of snort-2.4.3/src/detect.c. Here
is the function Preprocess declared which loops over all defined preprocessors
and finally calls Detect() to check against the rules.
More information about the Snort-devel