[Snort-devel] Help Developing Snort "Hello World" Dynamic Preprocessor

Fuat Yosanto mbahe_suro at ...3099...
Sat Jul 31 02:35:18 EDT 2010

Hi all,

Actually I have a problem when creating my own dynamic-preprocessor.
(See my previous email with subject : Linking custom dynamic-preprocessor)
Seems like my dynamic-preprocessor hasn't been executed by Snort (loaded
successfully but didn't work).
I can't figure out what's wrong with it. May be something is missing.
I have tried modifying Snort dynamic-preprocessor example to do same
process with my dynamic-preprocessor.
It works, but I can't satisfy my needs, because of its directory
position, and naming problem.

So to understand what are the minimum requirements to build
I am looking for a basic example code like "hello world" Snort

Here, I have created the prototype of "hello world" Snort
The idea is simple, it will log message when it finds any kind of packet.
Additionally it can identify TCP, UDP, and ICMP packet.

Assume that we have done any setup things to integrate this
dynamic-preprocessor in Snort sources
such as editing generators.h, preprocids.h, Makefile.am, re-running
autotools, etc.

These are the sources :
Directory : src/dynamic-preprocessor/hello

File name : spp_hello.c
#include "preprocids.h"
#include "sf_snort_packet.h"
#include "sf_dynamic_preprocessor.h"
#include "sf_dynamic_preproc_lib.h"
#include "sf_snort_plugin_api.h"
#include "sfPolicy.h"
#include "sfPolicyUserData.h"

#define GENERATOR_SPP_HELLO                    230

extern DynamicPreprocessorData _dpd;

static void HelloInit(char *);
static void HelloProcess(void *, void *);

void HelloSetup()
    _dpd.registerPreproc("hello", HelloInit);

static void HelloInit(char *args)
    _dpd.addPreproc(HelloProcess, PRIORITY_TRANSPORT, PP_HELLO,

static void HelloProcess(void *pkt, void *context)
    SFSnortPacket *p = (SFSnortPacket *)pkt;
            _dpd.logMsg("Hello : Got TCP packet!\n");
    else if(IsUDP(p))
        _dpd.logMsg("Hello : Got UDP packet!\n");
    else if(IsICMP(p))
        _dpd.logMsg("Hello : Got ICMP packet!\n");
        _dpd.logMsg("Hello : Got unknown packet!\n");

File name : sf_preproc_info.h :

#define MAJOR_VERSION   1
#define MINOR_VERSION   0
#define BUILD_VERSION   1
#define PREPROC_NAME    "HelloWorld_Preprocessor"

#define DYNAMIC_PREPROC_SETUP   HelloSetup
extern void HelloSetup();


So here I need a help to fix & improve them, beacuse those are still not
There should be something missing, something wrong, or something

More information about the Snort-devel mailing list