[Snort-users] New to snort

Nicholas Mavis (nmavis) nmavis at ...589...
Thu Apr 10 10:31:54 EDT 2014


James,

The only documentation of Snort code would be the comments within the code. Unless Joel has something to contribute… I don’t believe there is anything available.

Nick

From: James Lay <jlay at ...13475...<mailto:jlay at ...13475...>>
Date: Thursday, April 10, 2014 at 8:26 AM
To: Pothineni sai bhushan <psaibhushan at ...11827...<mailto:psaibhushan at ...5119...827...>>
Cc: Snort <snort-users at lists.sourceforge.net<mailto:snort-users at ...635...eforge.net>>
Subject: Re: [Snort-users] New to snort

On Thu, 2014-04-10 at 17:42 +0530, Pothineni sai bhushan wrote:
Thank you. I wanted the documentation to know the roles of each files in processing a packet. Is there any other manual or site where that info is available.




On Thu, Apr 10, 2014 at 4:51 PM, James Lay <jlay at ...13475...<mailto:jlay at ...846....13475...>> wrote:
On Thu, 2014-04-10 at 15:28 +0530, Pothineni sai bhushan wrote:
Hi,

  I am new to snort. Is there any documentation for snort source code?I would like to know where the snort actually sends calls to drop packets and how snort interacts with drivers.

 Do DAQs act as abstract layer between network interface and snort?




I'm sure the source code itself is documented.  I believe DAQ is the abstraction layer...it used to be libpcap.

James



I'm certain one of the snort developers would have this info...gents?

James
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20140410/5a4411c5/attachment.html>


More information about the Snort-users mailing list