[Snort-users] Creating Snort’s W3C Output Plug-In

Younes Abderrahmane younes.abderrahmane31 at ...11827...
Sun May 14 20:33:39 EDT 2017


Hello everyone

I am trying to see how an output module works in SNORT

So I followed the steps that were quoted in this book To create W3C Output
plug-in:
“*Snort 2.1 Intrusion Detection, Second Edition* ” *chapter 7 page 342*

1-I put the source files (spo_w3c.h , spo_w3c.c )in the  output-plugins
folder

2-I added this line

#include "output-plugins/spo_w3c.h"

in the plugbase.c file, and the

AlertW3CSetup () function; I put it in the AlertW3CSetup () function; (The
InitOutputPlugins function does not exist)

3-in the / output-plugins folder / in the Makefile.in   I added the
following lines

Spo_w3c.c

spo_w3c.h

spo_w3c.$(OBJEXT)

4*-step *

*./configure*

*Make** (this is where the errors come from)*

*make  all-recursive*

*make[1]: Entering directory '/home/ids/snort_src/snort-2.9.9.0'*

*Making all in src*

*make[2]: Entering directory '/home/ids/snort_src/snort-2.9.9.0/src'*

*Making all in sfutil*

*make[3]: Entering directory '/home/ids/snort_src/snort-2.9.9.0/src/sfutil'*

*make[3]: Nothing to be done for 'all'.*

*make[3]: Leaving directory '/home/ids/snort_src/snort-2.9.9.0/src/sfutil'*

*Making all in win32*

*make[3]: Entering directory '/home/ids/snort_src/snort-2.9.9.0/src/win32'*

*make[3]: Nothing to be done for 'all'.*

*make[3]: Leaving directory '/home/ids/snort_src/snort-2.9.9.0/src/win32'*

*Making all in output-plugins*

*make[3]: Entering directory
'/home/ids/snort_src/snort-2.9.9.0/src/output-plugins'*

*Makefile:119: *** recipe commences before first target.  Stop.*

*make[3]: Leaving directory
'/home/ids/snort_src/snort-2.9.9.0/src/output-plugins'*

*Makefile:540: recipe for target 'all-recursive' failed*

*make[2]: *** [all-recursive] Error 1*

*make[2]: Leaving directory '/home/ids/snort_src/snort-2.9.9.0/src'*

*Makefile:506: recipe for target 'all-recursive' failed*

*make[1]: *** [all-recursive] Error 1*

*make[1]: Leaving directory '/home/ids/snort_src/snort-2.9.9.0'*

*Makefile:371: recipe for target 'all' failed*

*make: *** [all] Error 2*

****************************************************************************



*Someone has an idea how to fix errors?*

*Or if you have an example or tutorial of an output plug-in that displays
only a message I would be very thrilled;*

*Thanks for any help.*



More information about the Snort-users mailing list