[Snort-users] Dynamic Preprocessor- packets from established flows
alexthakidadam at ...125...
Tue Jan 29 15:01:53 EST 2013
i managed to get my own preprocessor running (using DPX starter kit). I would like to know when a packet gets called by my preprocessor, whether it's from an established flow or not. Can anyone help me how to do this?
Also, i have a counter to the packets being processed by my DPX, and i see a significant difference with the other preprocessors. It's like my DPX doesn't get called for every packet.I add my preprocessor like this :
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users