[Snort-users] Data structures in rules.h

Anupam Bansal ab1274 at ...2868...
Tue Sep 25 11:09:03 EDT 2001


Hi,

I had already asked this question once and there was no response
forthcoming. So I am hoping it will be a case of second time lucky.

I am looking at the RuleListNode data structure in rules.h.

I am assuming that there is only one variable created of this structure ie
RuleLists. Is this true ??

Now RuleLists has a pointer to the Listhead strcuture which contains
seperate lists for IP, TCP, UDP and ICMP.

So do these lists hold the rules for these four protocols in the
RuleTreeNode and the OptTreeNode structure ??

So RuleTreeNode and OptTreeNode form the Chain Headers and Chain Options
part as in the documentation ??

Thanks,

ANUPAM





More information about the Snort-users mailing list