[Snort-devel] Fwd: Want to understand the control flow of Snort

Dirk Geschke Dirk_Geschke at ...802...
Tue Nov 29 00:12:08 EST 2005


Hi Yash,

>  I am trying to implement a worm detection algorithm as a snort plugin,
> But was unable to find out how should I go about modifying the source code,
> 
> I was not able to find the main function!!!!!!!!!!!!!!!!!!!!
> i was able to find the structure and varibles for all the packet informatio=
> n
> I would require .
> But it is imperitive for me to know the main function for the program
> flow!!!

how about line 182 of snort.c?

geschke$ grep -n "int main" snort-2.4.3/src/snort.c
182:int main(int argc, char* argv[]) 

You should also take a look at line 101 of snort-2.4.3/src/detect.c. Here
is the function Preprocess declared which loops over all defined preprocessors
and finally calls Detect() to check against the rules.

Best regards

Dirk







More information about the Snort-devel mailing list