[Snort-devel] Need help to know which files to be changed in Dynamic preprocessor starter kit

Amtul Saboor saboor.amtul at ...2499...
Fri Nov 22 09:48:05 EST 2013


Thanks . Ill get back to u once i start actually coding.
On Nov 22, 2013 7:07 PM, "Russ Combs" <rcombs at ...402...> wrote:

> Only # 1 and 8.  You should not need to change 4 but you may want to
> change src/Makefile.am.  The rest of those files are generated.
>
>
> On Fri, Nov 22, 2013 at 3:18 AM, Amtul Saboor <saboor.amtul at ...2499...>wrote:
>
>> Hello,
>>
>>
>> I am student of information security. But please note that this is not my
>> assignment, and I am myself searching on customizing snort and work on it.
>>
>>
>> I have downloaded the DPX (sample dynamic preprocessor) from the
>> following official link:
>>
>>
>> http://www.snort.org/snort-downloads/dynamic-preprocessor-starter-kit/
>>
>> *And I am successfully running it. This preprocessor tells if source and
>> destination ports match, it tells it against a pcap file already stored.
>> The main code is written in dpx.c file, while the other files are not
>> making much sense to me.*
>>
>>
>> *Please help me to know which of the following files need to get changed
>> if i want to make my own preprocessor to find average number of pings per
>> second (just an example) or anything else.*
>>
>>
>> I have these files in the preprocessor "src" file:
>>
>>
>> 1) dpx.c,
>> 2) libdpx.la
>> 3) makefile
>> 4) makefile.am
>> 5) makefile.in
>> 6) sf_dynamic_preproc_lib.c
>> 7) sfPolicyUserData.c
>> 8) sf_preproc_info.h
>>
>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Shape the Mobile Experience: Free Subscription
>> Software experts and developers: Be at the forefront of tech innovation.
>> Intel(R) Software Adrenaline delivers strategic insight and game-changing
>> conversations that shape the rapidly evolving mobile landscape. Sign up
>> now.
>>
>> http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk
>> _______________________________________________
>> Snort-devel mailing list
>> Snort-devel at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/snort-devel
>> Archive:
>> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel
>>
>> Please visit http://blog.snort.org for the latest news about Snort!
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20131122/80fb5800/attachment.html>


More information about the Snort-devel mailing list