[Snort-devel] Snort IPv6 database schema

Yun Zheng Hu yunzheng.hu at ...2499...
Tue Nov 2 07:42:57 EDT 2010


IPv6 is becoming more and more important nowadays. Although Snort
supports it, full support for IPv6 alert/log outputting to a database
is still lacking.
This is because the current [1] Snort database schema (v107) does not
yet support IPv6 headers. Maybe just add a new table "ip6hdr"?

So, is there any timeframe on when this will be added/supported? Maybe
just add a new table "ip6hdr" ?
When official support for ipv6 is added to the schema then spooler
programs such as Barnyard could easily add support for it's database
plugins as well.

[1] http://cvs.snort.org/viewcvs.cgi/snort/schemas/create_mysql?rev=1.6&content-type=text/vnd.viewcvs-markup


More information about the Snort-devel mailing list