[Snort-devel] How to debugging on Snort?
Al Lewis (allewi)
allewi at cisco.com
Thu May 17 22:14:40 EDT 2018
To debug… use GDB.
Cisco Systems Inc.
Email: allewi at cisco.com<mailto:allewi at cisco.com>
From: Snort-devel <snort-devel-bounces at lists.snort.org> on behalf of İzzettin Erdem via Snort-devel <snort-devel at lists.snort.org>
Reply-To: İzzettin Erdem <root.mch at gmail.com>
Date: Thursday, May 17, 2018 at 10:11 PM
To: "snort-devel at lists.snort.org" <snort-devel at lists.snort.org>
Subject: [Snort-devel] How to debugging on Snort?
Hello Everyone ,
I want to debug Snort but I didn't find something help me. Actually I want to learn that: Packets come in to network and Snort catches them. After that, Snort checks packets by rules. How can I see what Snort checks at a time and output of this check process?
Example check process for packet P1;
Searching for :
output -> found or 1
continue to check packet p1:
output -> not found or 0
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-devel