[Snort-users] Data structures in rules.h

Anupam Bansal ab1274 at ...2868...
Tue Sep 25 11:09:03 EDT 2001


I had already asked this question once and there was no response
forthcoming. So I am hoping it will be a case of second time lucky.

I am looking at the RuleListNode data structure in rules.h.

I am assuming that there is only one variable created of this structure ie
RuleLists. Is this true ??

Now RuleLists has a pointer to the Listhead strcuture which contains
seperate lists for IP, TCP, UDP and ICMP.

So do these lists hold the rules for these four protocols in the
RuleTreeNode and the OptTreeNode structure ??

So RuleTreeNode and OptTreeNode form the Chain Headers and Chain Options
part as in the documentation ??



More information about the Snort-users mailing list