[Snort-devel] How to get details of Packet data structure

Russ Combs rcombs at ...402...
Mon Aug 5 10:20:22 EDT 2013


On Mon, Jul 29, 2013 at 9:51 AM, Saeed Adel Mehraban <s.adel07 at ...2499...>wrote:

> H
> i there,
> I am trying to develop a preprocessor for snort and I need to be familiar
> with Packet data structure. But I could not find anything in user manual or
> anywhere else. Also there is not much information in decoder.h (I think
> that's where Packet fields came from).
> What can I do?
>
>
Take another look at decode.h.  That is what defines the Packet struct.  If
you are creating a dynamic preprocessor, you must use the SFSnortPacket
defined in
dynamic-plugins/sf_engine/sf_snort_packet.h.

>
>
> ------------------------------------------------------------------------------
> Get your SQL database under version control now!
> Version control is standard for application code, but databases havent
> caught up. So what steps can you take to put your SQL databases under
> version control? Why should you start doing it? Read more to find out.
> http://pubads.g.doubleclick.net/gampad/clk?id=49501711&iu=/4140/ostg.clktrk
> _______________________________________________
> Snort-devel mailing list
> Snort-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-devel
> Archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel
>
> Please visit http://blog.snort.org for the latest news about Snort!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20130805/c9b2cc7c/attachment.html>


More information about the Snort-devel mailing list