'[Os-sim-commits] agent/ossim_agent ParserSnort.py,1.11,1.12'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       os-sim-commits
Subject:    [Os-sim-commits] agent/ossim_agent ParserSnort.py,1.11,1.12
From:       Alberto Roman Linacero <alberto_r () users ! sourceforge ! net>
Date:       2008-10-30 14:53:18
Message-ID: E1KvYti-0001A5-Dx () 23jxhf1 ! ch3 ! sourceforge ! com
[Download RAW message or body]

Update of /cvsroot/os-sim/agent/ossim_agent
In directory 23jxhf1.ch3.sourceforge.com:/tmp/cvs-serv4344

Modified Files:
	ParserSnort.py 
Log Message:
- Fix the "FUC** COMMAND" problem that appears sometimes in the server, rejecting \
events. Now ossim-agent has direct VLAN 802.1q support for snort unified format. \
Thanks jvblanco for his help :)


Index: ParserSnort.py
===================================================================
RCS file: /cvsroot/os-sim/agent/ossim_agent/ParserSnort.py,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- ParserSnort.py	27 Oct 2008 18:47:29 -0000	1.11
+++ ParserSnort.py	30 Oct 2008 14:53:15 -0000	1.12
@@ -53,6 +53,15 @@
                 self.sport = self._packet.sport
                 self.protocol = self._packet.protocol
                 self.flags = 0
+            elif self._ethertype==0x8100:  #VLAN!
+                self.offsetip = self.offsetip+4
+                self._packet = IPPacket(pkt[self.offsetip:])
+                self.sip = self._packet.sip
+                self.dip = self._packet.dip
+                self.dport = self._packet.dport
+                self.sport = self._packet.sport
+                self.protocol = self._packet.protocol
+                self.flags = 0
             else:
                 dumphexdata(self._pkt)
                 self.sip = self.dip = self.dport = self.sport = 0


-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Os-sim-commits mailing list
Os-sim-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/os-sim-commits


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic