Snort mailing list archives
Re: Snort IPv6 database schema
From: "Edward Fjellskål" <edwardfjellskaal () gmail com>
Date: Tue, 02 Nov 2010 18:25:58 +0100
On 11/02/2010 12:42 PM, Yun Zheng Hu wrote:
Hello, IPv6 is becoming more and more important nowadays. Although Snort supports it, full support for IPv6 alert/log outputting to a database is still lacking. This is because the current [1] Snort database schema (v107) does not yet support IPv6 headers. Maybe just add a new table "ip6hdr"? So, is there any timeframe on when this will be added/supported? Maybe just add a new table "ip6hdr" ? When official support for ipv6 is added to the schema then spooler programs such as Barnyard could easily add support for it's database plugins as well. [1] http://cvs.snort.org/viewcvs.cgi/snort/schemas/create_mysql?rev=1.6&content-type=text/vnd.viewcvs-markup Regards, Yun
Hi, Regards to that, I search the Internet a year back ago, but did not find any solution to implement IPv6 in MySQL. As long as MySQL dont add it to engine, we are out of real luck... PGSQL has IPv6 support default :) But I did find this blog post, which I sanitized, tested, and now uses for putting IPv6 into MySQL. http://oierud.name/bliki/IPv6AdressesAndMysql.html The blog post is actually from a friend of mine, so I did have the chance to chat with him in person about it. This way was the only sain way I found back then. I don't know if MySQL in newer versions supports IPv6, but enlighten me if it does :) Here is an example of the use with perl: http://github.com/gamelinux/cxtracker/blob/master/bin/cxtracker2db.pl http://github.com/gamelinux/cxtracker/blob/master/doc/INSTALL E
------------------------------------------------------------------------------ Nokia and AT&T present the 2010 Calling All Innovators-North America contest Create new apps & games for the Nokia N8 for consumers in U.S. and Canada $10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store http://p.sf.net/sfu/nokia-dev2dev _______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel
------------------------------------------------------------------------------ Nokia and AT&T present the 2010 Calling All Innovators-North America contest Create new apps & games for the Nokia N8 for consumers in U.S. and Canada $10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store http://p.sf.net/sfu/nokia-dev2dev _______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel
Current thread:
- Snort IPv6 database schema Yun Zheng Hu (Nov 02)
- Re: Snort IPv6 database schema Edward Fjellskål (Nov 02)