[Snort-users] Snort and Unix-Socket

Dirk Geschke Dirk_Geschke at ...1344...
Thu Nov 22 00:51:02 EST 2001


> [snip snip]
> >         if(listen(sockfd, 5) == -1) {
> >                 fprintf(stderr, "Unable to listen on socket.");
> >                 exit(EXIT_FAILURE);
> >         }
> > 
> >         while((connfd = accept(sockfd, (struct sockaddr *) &adress,
> > &adrlen)) >= 0) {
> 
> I don't think you need to && can call accept and listen on
> connection-less sockets (which SOCK_DGRAM is), all you need is to call
> recvfrom() on the socket.. Look through snort-devel or snort-users
> mailing list archives, I was posting a sample how to use unix sockets
> with snort while ago.

Correct. Both, the listen and accept command, would only work with streaming
sockets, not with unix sockets. Unix sockets work like UDP connections...

Remove the listen and replace the accept with recv().

Best regards

Dirk
 
-- 
+------------------------------------------------------------+
| Dr. Dirk Geschke            | E-mail: geschke at ...1344...     |
| Gesellschaft fuer Netzwerk  | Tel.  : +49-(0)-89-991950-31 |
| und Unix Administration mbH | Fax   : +49-(0)-89-991950-99 |
| 85551 Kirchheim / Germany   | Raeter Stra/3e 26            |
+------------------------------------------------------------+






More information about the Snort-users mailing list