[Snort-users] Timestamps

Howard M. Kash III hmkash at ...110...
Thu Jul 20 12:30:02 EDT 2000


> Just noticed that its only the alert/log files which contain the wrong
> timestamp - the portscan pre-processor is logging the correct time.


Following patch to spp_portscan.c will fix the incorrect time
problem in portscan alerts:


171c171
< void AlertIntermediateInfo(Packet*, SourceInfo*);
---
> void AlertIntermediateInfo(SourceInfo*);

901c901
<                         if (logLevel & lEXTENDED) AlertIntermediateInfo(p, currentSource); 
---
>                         if (logLevel & lEXTENDED) AlertIntermediateInfo(currentSource); 

1353c1354
< void AlertIntermediateInfo(Packet* p, SourceInfo* currentSource)
---
> void AlertIntermediateInfo(SourceInfo* currentSource)

1361c1362
<     (*AlertFunc)(p, logMessage);
---
>     (*AlertFunc)(NULL, logMessage);



Howard




More information about the Snort-users mailing list