[Snort-users] 1.6 look for 1.6.3

Lance Spitzner lance at ...185...
Wed Aug 9 22:33:08 EDT 2000


I'm not a big fan of how 1.6.3 displays packets with
the '-v' option, I prefer the output 1.6.  Specifically,
I prefer how 1.6 has a empty line between each packet,
as opposed to 1.6.3, which has:

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
08/09-21:29:53.116838 192.168.1.100:123 -> 192.168.1.9:123
UDP TTL:128 TOS:0x0 ID:16170 
Len: 56
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
08/09-21:29:53.116946 192.168.1.9:123 -> 192.168.1.100:123
UDP TTL:64 TOS:0x0 ID:60239 
Len: 56
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

What's the easiest way to hack the code so 1.6.3 has empty
lines between each packet?

Thanks!

Lance Spitzner
http://www.enteract.com/~lspitz/papers.html





More information about the Snort-users mailing list