關於SNORT無法插入範例的preprocessor - 資安

By Charlotte
at 2007-09-27T20:22
at 2007-09-27T20:22
Table of Contents
我已經解決我的問題了,總結如下:
##################################################
spp_template.c: In function `SetupTemplate':
spp_template.c:100: warning: implicit declaration of function `DebugMessage'
spp_template.c:100: error: `DEBUG_PLUGIN' undeclared (first use in this
function)
spp_template.c:100: error: (Each undeclared identifier is reported only once
spp_template.c:100: error: for each function it appears in.)
spp_template.c: In function `TemplateInit':
spp_template.c:117: error: `DEBUG_PLUGIN' undeclared (first use in this
function)
spp_template.c:131: warning: passing arg 1 of `AddFuncToPreprocList' from
incompatible pointer type
spp_template.c:131: error: too few arguments to function
`AddFuncToPreprocList'
##################################################
1. error: `DEBUG_PLUGIN' undeclared
A: #include "debug.h"
我在spp_template.c引入debug.h的函式庫
2. warning: implicit declaration of function `DebugMessage'
A: DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN,"...");
我用DEBUG_WRAP()把DebugMessage()包起來
不過我不知道為何範例的寫法會有問題
3. warning: passing arg 1 of `AddFuncToPreprocList' from incompatible pointer
type
error: too few arguments to function `AddFuncToPreprocList'
A: 新版的SNORT已經改過AddFuncToPreprocList()這個函式
SNORT2.4.1裡的型態為PreprocessFuncNode *AddFuncToPreprocList(void (*func)
(Packet *, void *))
SNORT2.6.1.5裡的型態為PreprocessFuncNode *AddFuncToPreprocList(void (*func)
(Packet *, void *), unsigned short priority, unsigned int preproc_id)
所以我目前改在SNORT2.4.1執行我的程式
4.
##################################################
etc/snort.conf(803) unknown dynamic preprocessor "template"
ERROR: Misconfigured dynamic preprocessor(s)
Fatal Error, Quitting..
##################################################
A: 我在etc/snort.conf第803行是設定"preprocessor template"
所以我在spp_template.c註冊preprocessor的名稱時也要為"template"
// RegisterPreprocessor("keyword", TemplateInit);
RegisterPreprocessor("template", TemplateInit);
如果這兩個名稱不符合就會發生這個問題,然而範例是註冊為keyword
所以一定要去修改註冊的名稱
--
Tags:
資安
All Comments

By Madame
at 2007-09-27T23:27
at 2007-09-27T23:27

By Hamiltion
at 2007-09-29T22:10
at 2007-09-29T22:10

By Hedda
at 2007-10-03T13:58
at 2007-10-03T13:58

By Jack
at 2007-10-07T14:34
at 2007-10-07T14:34

By Isla
at 2007-10-11T20:18
at 2007-10-11T20:18

By Tom
at 2007-10-13T05:57
at 2007-10-13T05:57

By Caitlin
at 2007-10-18T01:23
at 2007-10-18T01:23
Related Posts
世界知名駭客將齊聚台北,第一屆OWASP官方亞洲會議將於台北

By Catherine
at 2007-09-16T00:55
at 2007-09-16T00:55
關於SNORT無法插入範例的preprocessor

By Catherine
at 2007-09-16T00:02
at 2007-09-16T00:02
關於SSL在網站上的使用

By William
at 2007-09-10T22:47
at 2007-09-10T22:47
關於SSL在網站上的使用

By Hardy
at 2007-09-10T22:30
at 2007-09-10T22:30
關於WIN2000登入網域很慢的問題

By Kama
at 2007-09-10T13:03
at 2007-09-10T13:03