Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Detection Engine

From: Jallam Amada <arisen () posteo de>
Date: Wed, 13 Dec 2017 22:13:03 +0100
Hello Guys,

i have a question regarding packet evaluation in Snort 2.9.11 (not
C++!). I am willing to replace the Detection Engine (no portgroups, no
fpPatternMatching...) by simply running my own function to the flowing
packet while ignoring the rest of Snort. As simple as it might sound,
what is the fastest way to achieve this with existing function in the
framework?

I don't need any preprocessors or anything, i just need to make use of a
firewall-functionality in Snort (packet classification).


Thank You..

Jallam Amada

_______________________________________________
Snort-devel mailing list
Snort-devel () lists snort org
https://lists.snort.org/mailman/listinfo/snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: