[Snort-devel] PortVar syntax and typo fix requested

rmkml rmkml at ...879...
Sat Dec 8 16:17:01 EST 2007


Hi,
snort v280* introduce new PortVar variables,
maybe add check for this next case please :
  portvar HTTP_PORTS [80,,81]
  portvar HTTP_PORTS [80,80]
  portvar HTTP_PORTS 0
  portvar HTTP_PORTS 80000
  ->PortVar 'HTTP_PORTS' defined :  [ 14464]
  portvar HTTP_PORTS 800000
  ->PortVar 'HTTP_PORTS' defined :  [ 13568]
  portvar HTTP_PORTS 800000000000
  ->PortVar 'HTTP_PORTS' defined :  [ 65535]
  portvar HTTP_PORTS 8000000000000000000000000000000000000000000
  ->PortVar 'HTTP_PORTS' defined :  [ 65535]
  portvar HTTP_PORTS [80,8080,]a
  portvar HTTP_PORTSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 80
snort start without error...

and maybe fix typo/comments on sfutil/sfportobject.c :
-   --- Port varaibles
+   --- Port variables
-   portvar http_list  [ 80 8080 8138 ]
+   portvar http_list  [80,8080,8138]
-   2) multile port objects each with a small set of rules assoicated with it.
+   2) multiple port objects each with a small set of rules assoicated with it.
-      with a small set of rules assoicated with each.
+      with a small set of rules associated with each.
-                do nothing, each port referncing this port object is complete.
+                do nothing, each port referencing this port object is complete.
- * Create a new ortObjectItem
+ * Create a new PortObjectItem
-   a non zero value foe the purposes of hashing and searching.
+   a non zero value for the purposes of hashing and searching.
- * pol_cnt - number of port obejcts in port list
+ * pol_cnt - number of port objects in port list
-    * and copy them into separte lists
+    * and copy them into separate lists
-    * we always get them in the same order for key comparsions
+    * we always get them in the same order for key comparisons
-      * The large rule group port obejct is already set to ponew
+      * The large rule group port object is already set to ponew
-      /* merge the rules into an optimal port obejct */
+      /* merge the rules into an optimal port object */
-        /* set the new list - htis is a list of port itmes for this port object
+        /* set the new list - htis is a list of port items for this port object
- * Perform a consitency check on the final port+rule objects
+ * Perform a consistency check on the final port+rule objects
-        FatalError("Memory eror in PortTableComopile\n");
+        FatalError("Memory error in PortTableCompile\n");
-          FatalError("PortObject Consitency Check failed, hash table problem\n")
+          FatalError("PortObject Consistency Check failed, hash table problem\n")
-    *    referenced to that port in the composit object
+    *    referenced to that port in the composite object
- FatalError("InputPortObject<->CompositePortObject Consitency Check II failed!\n");
+ FatalError("InputPortObject<->CompositePortObject Consistency Check II failed!\n");
- FatalError("InputPortObject<->CompositePortObject Consitency Check II failed!\n");
+ FatalError("InputPortObject<->CompositePortObject Consistency Check II failed!\n");
-* these groups are calculated consitecny checking is done witht he finished
+* these groups are calculated consistency checking is done with the finished
-   Prints the original (normalzied) PortGroups and
-   as sepcified by the user
+   Prints the original (normalized) PortGroups and
+   as specified by the user
-* nameflag - indicates a name must be present, this allows useage for
+* nameflag - indicates a name must be present, this allows usage for

Please Credits to Crusoe Researches (and rmkml)
Happy Snorting (and Bro/Azwalaro{wireshark based} techno)
Rmkml
Crusoe Researches
http://www.Crusoe-Researches.com




More information about the Snort-devel mailing list