[Snort-users] 1.6 look for 1.6.3

Fyodor fygrave at ...121...
Thu Aug 10 02:30:57 EDT 2000


 
~ :=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
~ :08/09-21:29:53.116838 192.168.1.100:123 -> 192.168.1.9:123
~ :UDP TTL:128 TOS:0x0 ID:16170 
~ :Len: 56
~ :=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
~ :08/09-21:29:53.116946 192.168.1.9:123 -> 192.168.1.100:123
~ :UDP TTL:64 TOS:0x0 ID:60239 
~ :Len: 56
~ :=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
~ :
~ :What's the easiest way to hack the code so 1.6.3 has empty
~ :lines between each packet?
~ :

--- log.c.orig	Thu Aug 10 13:22:09 2000
+++ log.c	Thu Aug 10 13:22:15 2000
@@ -511,7 +511,7 @@
             PrintNetData(fp, p->data, p->dsize); 
     }
 
-    fprintf(fp, "=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+\n");
+    fprintf(fp, "=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+\n\n");
 }
 


:-) I will put my own copy of 1.6.3 version to snort.sourceforge.net so we
could think of other things to be improved there. (Solaris compilation
patch is also in there, so testers are welcome). :)





More information about the Snort-users mailing list