Re: Dynamic Preprocessor not capturing any packet

[Hui cao <huica () cisco com>]

You can step through your code to figure out why. Is SetupModSec called? 
Is ModSecInit called? Is ModSecProcess called? You can check SSH 
preprocessor how it works because it is very simple.

Best,
Hui.

On 07/07/2015 09:46 PM, Big Whale wrote:
> Hello all,
>
> My preprocessor is not capturing any packet, even though i have 
> defined if the source port is equal to specific port then the alert 
> will be trigger with that preprocessor signature. However, everything 
> seems not working like i wanted. Here is the link of my code --> 
> https://github.com/d0lph1n98/Snort-ModSec-CRS-Parser
>
>
>
> ------------------------------------------------------------------------------
> Don't Limit Your Business. Reach for the Cloud.
> GigeNET's Cloud Solutions provide you with the tools and support that
> you need to offload your IT needs and focus on growing your business.
> Configured For All Businesses. Start Your Cloud Today.
> https://www.gigenetcloud.com/
>
>
> _______________________________________________
> Snort-devel mailing list
> Snort-devel () lists sourceforge net
> https://lists.sourceforge.net/lists/listinfo/snort-devel
> Archive:
> http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel
>
> Please visit http://blog.snort.org for the latest news about Snort!

------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!