blacklight
/
Snort_AIPreproc
mirror of https://github.com/BlackLight/Snort_AIPreproc.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Copying the stuff

This commit is contained in:
BlackLight 2010-09-15 14:07:38 +02:00
parent 185b279120
commit e8c7c64608
5 changed files with 98 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Makefile.am
View File

@ -26,7 +26,14 @@ spp_ai.c \
stream.c stream.c
ACLOCAL_AMFLAGS = -I m4 ACLOCAL_AMFLAGS = -I m4
EXTRA_DIST = README INSTALL ChangeLog AUTHORS COPYING Doxyfile NEWS TODO doc etc include uthash etc/corr_rules *.h EXTRA_DIST = README INSTALL ChangeLog AUTHORS COPYING Doxyfile NEWS TODO doc etc include uthash corr_rules *.h
corr_rulesdir = ${CORR_RULES_PREFIX} corr_rulesdir = ${CORR_RULES_PREFIX}
corr_rules_DATA = corr_rules/* corr_rules_DATA = corr_rules/*
docdir = ${DOC_PREFIX}
doc_DATA = doc/html/*.html doc/html/*.css doc/html/*.png
sharedir = ${SHARE_PREFIX}
share_DATA = README INSTALL AUTHORS COPYING NEWS TODO ChangeLog

81
Makefile.in
View File

@ -71,7 +71,8 @@ am__nobase_list = $(am__nobase_strip_setup); \
am__base_list = \ am__base_list = \
sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(corr_rulesdir)" am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(corr_rulesdir)" \
"$(DESTDIR)$(docdir)" "$(DESTDIR)$(sharedir)"
LTLIBRARIES = $(lib_LTLIBRARIES) LTLIBRARIES = $(lib_LTLIBRARIES)
libsf_ai_preproc_la_LIBADD = libsf_ai_preproc_la_LIBADD =
am_libsf_ai_preproc_la_OBJECTS = libsf_ai_preproc_la-alert_parser.lo \ am_libsf_ai_preproc_la_OBJECTS = libsf_ai_preproc_la-alert_parser.lo \
@ -103,7 +104,7 @@ LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
SOURCES = $(libsf_ai_preproc_la_SOURCES) \ SOURCES = $(libsf_ai_preproc_la_SOURCES) \
$(nodist_libsf_ai_preproc_la_SOURCES) $(nodist_libsf_ai_preproc_la_SOURCES)
DIST_SOURCES = $(libsf_ai_preproc_la_SOURCES) DIST_SOURCES = $(libsf_ai_preproc_la_SOURCES)
DATA = $(corr_rules_DATA) DATA = $(corr_rules_DATA) $(doc_DATA) $(share_DATA)
ETAGS = etags ETAGS = etags
CTAGS = ctags CTAGS = ctags
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
@ -134,6 +135,7 @@ CPPFLAGS = @CPPFLAGS@
CYGPATH_W = @CYGPATH_W@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@ DEFS = @DEFS@
DEPDIR = @DEPDIR@ DEPDIR = @DEPDIR@
DOC_PREFIX = @DOC_PREFIX@
DSYMUTIL = @DSYMUTIL@ DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@ DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@ ECHO_C = @ECHO_C@
@ -177,6 +179,7 @@ PATH_SEPARATOR = @PATH_SEPARATOR@
RANLIB = @RANLIB@ RANLIB = @RANLIB@
SED = @SED@ SED = @SED@
SET_MAKE = @SET_MAKE@ SET_MAKE = @SET_MAKE@
SHARE_PREFIX = @SHARE_PREFIX@
SHELL = @SHELL@ SHELL = @SHELL@
STRIP = @STRIP@ STRIP = @STRIP@
VERSION = @VERSION@ VERSION = @VERSION@
@ -200,7 +203,7 @@ build_vendor = @build_vendor@
builddir = @builddir@ builddir = @builddir@
datadir = @datadir@ datadir = @datadir@
datarootdir = @datarootdir@ datarootdir = @datarootdir@
docdir = @docdir@ docdir = ${DOC_PREFIX}
dvidir = @dvidir@ dvidir = @dvidir@
exec_prefix = @exec_prefix@ exec_prefix = @exec_prefix@
extra_incl = @extra_incl@ extra_incl = @extra_incl@
@ -256,9 +259,12 @@ spp_ai.c \
stream.c stream.c
ACLOCAL_AMFLAGS = -I m4 ACLOCAL_AMFLAGS = -I m4
EXTRA_DIST = README INSTALL ChangeLog AUTHORS COPYING Doxyfile NEWS TODO doc etc include uthash etc/corr_rules *.h EXTRA_DIST = README INSTALL ChangeLog AUTHORS COPYING Doxyfile NEWS TODO doc etc include uthash corr_rules *.h
corr_rulesdir = ${CORR_RULES_PREFIX} corr_rulesdir = ${CORR_RULES_PREFIX}
corr_rules_DATA = corr_rules/* corr_rules_DATA = corr_rules/*
doc_DATA = doc/html/*.html doc/html/*.css doc/html/*.png
sharedir = ${SHARE_PREFIX}
share_DATA = README INSTALL AUTHORS COPYING NEWS TODO ChangeLog
all: $(BUILT_SOURCES) config.h all: $(BUILT_SOURCES) config.h
$(MAKE) $(AM_MAKEFLAGS) all-am $(MAKE) $(AM_MAKEFLAGS) all-am
@ -422,6 +428,46 @@ uninstall-corr_rulesDATA:
test -n "$$files" || exit 0; \ test -n "$$files" || exit 0; \
echo " ( cd '$(DESTDIR)$(corr_rulesdir)' && rm -f" $$files ")"; \ echo " ( cd '$(DESTDIR)$(corr_rulesdir)' && rm -f" $$files ")"; \
cd "$(DESTDIR)$(corr_rulesdir)" && rm -f $$files cd "$(DESTDIR)$(corr_rulesdir)" && rm -f $$files
install-docDATA: $(doc_DATA)
@$(NORMAL_INSTALL)
test -z "$(docdir)" || $(MKDIR_P) "$(DESTDIR)$(docdir)"
@list='$(doc_DATA)'; test -n "$(docdir)" || list=; \
for p in $$list; do \
if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
echo "$$d$$p"; \
done | $(am__base_list) | \
while read files; do \
echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(docdir)'"; \
$(INSTALL_DATA) $$files "$(DESTDIR)$(docdir)" || exit $$?; \
done
uninstall-docDATA:
@$(NORMAL_UNINSTALL)
@list='$(doc_DATA)'; test -n "$(docdir)" || list=; \
files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
test -n "$$files" || exit 0; \
echo " ( cd '$(DESTDIR)$(docdir)' && rm -f" $$files ")"; \
cd "$(DESTDIR)$(docdir)" && rm -f $$files
install-shareDATA: $(share_DATA)
@$(NORMAL_INSTALL)
test -z "$(sharedir)" || $(MKDIR_P) "$(DESTDIR)$(sharedir)"
@list='$(share_DATA)'; test -n "$(sharedir)" || list=; \
for p in $$list; do \
if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
echo "$$d$$p"; \
done | $(am__base_list) | \
while read files; do \
echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(sharedir)'"; \
$(INSTALL_DATA) $$files "$(DESTDIR)$(sharedir)" || exit $$?; \
done
uninstall-shareDATA:
@$(NORMAL_UNINSTALL)
@list='$(share_DATA)'; test -n "$(sharedir)" || list=; \
files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
test -n "$$files" || exit 0; \
echo " ( cd '$(DESTDIR)$(sharedir)' && rm -f" $$files ")"; \
cd "$(DESTDIR)$(sharedir)" && rm -f $$files
ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \
@ -627,7 +673,7 @@ check: $(BUILT_SOURCES)
$(MAKE) $(AM_MAKEFLAGS) check-am $(MAKE) $(AM_MAKEFLAGS) check-am
all-am: Makefile $(LTLIBRARIES) $(DATA) config.h all-am: Makefile $(LTLIBRARIES) $(DATA) config.h
installdirs: installdirs:
for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(corr_rulesdir)"; do \ for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(corr_rulesdir)" "$(DESTDIR)$(docdir)" "$(DESTDIR)$(sharedir)"; do \
test -z "$$dir" || $(MKDIR_P) "$$dir"; \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
done done
install: $(BUILT_SOURCES) install: $(BUILT_SOURCES)
@ -680,7 +726,8 @@ info: info-am
info-am: info-am:
install-data-am: install-corr_rulesDATA install-data-am: install-corr_rulesDATA install-docDATA \
install-shareDATA
install-dvi: install-dvi-am install-dvi: install-dvi-am
@ -727,7 +774,8 @@ ps: ps-am
ps-am: ps-am:
uninstall-am: uninstall-corr_rulesDATA uninstall-libLTLIBRARIES uninstall-am: uninstall-corr_rulesDATA uninstall-docDATA \
uninstall-libLTLIBRARIES uninstall-shareDATA
.MAKE: all check install install-am install-strip .MAKE: all check install install-am install-strip
@ -739,15 +787,16 @@ uninstall-am: uninstall-corr_rulesDATA uninstall-libLTLIBRARIES
distclean-tags distcleancheck distdir distuninstallcheck dvi \ distclean-tags distcleancheck distdir distuninstallcheck dvi \
dvi-am html html-am info info-am install install-am \ dvi-am html html-am info info-am install install-am \
install-corr_rulesDATA install-data install-data-am \ install-corr_rulesDATA install-data install-data-am \
install-dvi install-dvi-am install-exec install-exec-am \ install-docDATA install-dvi install-dvi-am install-exec \
install-html install-html-am install-info install-info-am \ install-exec-am install-html install-html-am install-info \
install-libLTLIBRARIES install-man install-pdf install-pdf-am \ install-info-am install-libLTLIBRARIES install-man install-pdf \
install-ps install-ps-am install-strip installcheck \ install-pdf-am install-ps install-ps-am install-shareDATA \
installcheck-am installdirs maintainer-clean \ install-strip installcheck installcheck-am installdirs \
maintainer-clean-generic mostlyclean mostlyclean-compile \ maintainer-clean maintainer-clean-generic mostlyclean \
mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
tags uninstall uninstall-am uninstall-corr_rulesDATA \ pdf pdf-am ps ps-am tags uninstall uninstall-am \
uninstall-libLTLIBRARIES uninstall-corr_rulesDATA uninstall-docDATA \
uninstall-libLTLIBRARIES uninstall-shareDATA
# Tell versions [3.59,3.63) of GNU make to not export all variables. # Tell versions [3.59,3.63) of GNU make to not export all variables.

2
TODO
View File

@ -1,6 +1,6 @@
- Correlation macros valid also for hierarchies flags
- Bayesian learning among alerts in alert log - Bayesian learning among alerts in alert log
- libgc support - libgc support
- PostgreSQL support
- Managing clusters for addresses, timestamps (and more?) - Managing clusters for addresses, timestamps (and more?)
- Dynamic cluster_min_size algorithm - Dynamic cluster_min_size algorithm

35
configure vendored
View File

@ -753,6 +753,8 @@ LIBOBJS
ALLOCA ALLOCA
LIBGRAPH_INCLUDES LIBGRAPH_INCLUDES
LIBXML2_INCLUDES LIBXML2_INCLUDES
SHARE_PREFIX
DOC_PREFIX
CORR_RULES_PREFIX CORR_RULES_PREFIX
extra_incl extra_incl
CPP CPP
@ -4585,13 +4587,13 @@ if test "${lt_cv_nm_interface+set}" = set; then :
else else
lt_cv_nm_interface="BSD nm" lt_cv_nm_interface="BSD nm"
echo "int some_variable = 0;" > conftest.$ac_ext echo "int some_variable = 0;" > conftest.$ac_ext
(eval echo "\"\$as_me:4588: $ac_compile\"" >&5) (eval echo "\"\$as_me:4590: $ac_compile\"" >&5)
(eval "$ac_compile" 2>conftest.err) (eval "$ac_compile" 2>conftest.err)
cat conftest.err >&5 cat conftest.err >&5
(eval echo "\"\$as_me:4591: $NM \\\"conftest.$ac_objext\\\"\"" >&5) (eval echo "\"\$as_me:4593: $NM \\\"conftest.$ac_objext\\\"\"" >&5)
(eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out) (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out)
cat conftest.err >&5 cat conftest.err >&5
(eval echo "\"\$as_me:4594: output\"" >&5) (eval echo "\"\$as_me:4596: output\"" >&5)
cat conftest.out >&5 cat conftest.out >&5
if $GREP 'External.*some_variable' conftest.out > /dev/null; then if $GREP 'External.*some_variable' conftest.out > /dev/null; then
lt_cv_nm_interface="MS dumpbin" lt_cv_nm_interface="MS dumpbin"
@ -5797,7 +5799,7 @@ ia64-*-hpux*)
;; ;;
*-*-irix6*) *-*-irix6*)
# Find out which ABI we are using. # Find out which ABI we are using.
echo '#line 5800 "configure"' > conftest.$ac_ext echo '#line 5802 "configure"' > conftest.$ac_ext
if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
(eval $ac_compile) 2>&5 (eval $ac_compile) 2>&5
ac_status=$? ac_status=$?
@ -7322,11 +7324,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'` -e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:7325: $lt_compile\"" >&5) (eval echo "\"\$as_me:7327: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err) (eval "$lt_compile" 2>conftest.err)
ac_status=$? ac_status=$?
cat conftest.err >&5 cat conftest.err >&5
echo "$as_me:7329: \$? = $ac_status" >&5 echo "$as_me:7331: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized # The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output. # So say no if there are warnings other than the usual output.
@ -7661,11 +7663,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'` -e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:7664: $lt_compile\"" >&5) (eval echo "\"\$as_me:7666: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err) (eval "$lt_compile" 2>conftest.err)
ac_status=$? ac_status=$?
cat conftest.err >&5 cat conftest.err >&5
echo "$as_me:7668: \$? = $ac_status" >&5 echo "$as_me:7670: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized # The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output. # So say no if there are warnings other than the usual output.
@ -7766,11 +7768,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'` -e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:7769: $lt_compile\"" >&5) (eval echo "\"\$as_me:7771: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err) (eval "$lt_compile" 2>out/conftest.err)
ac_status=$? ac_status=$?
cat out/conftest.err >&5 cat out/conftest.err >&5
echo "$as_me:7773: \$? = $ac_status" >&5 echo "$as_me:7775: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext if (exit $ac_status) && test -s out/conftest2.$ac_objext
then then
# The compiler can only warn and ignore the option if not recognized # The compiler can only warn and ignore the option if not recognized
@ -7821,11 +7823,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'` -e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:7824: $lt_compile\"" >&5) (eval echo "\"\$as_me:7826: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err) (eval "$lt_compile" 2>out/conftest.err)
ac_status=$? ac_status=$?
cat out/conftest.err >&5 cat out/conftest.err >&5
echo "$as_me:7828: \$? = $ac_status" >&5 echo "$as_me:7830: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext if (exit $ac_status) && test -s out/conftest2.$ac_objext
then then
# The compiler can only warn and ignore the option if not recognized # The compiler can only warn and ignore the option if not recognized
@ -10205,7 +10207,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<_LT_EOF cat > conftest.$ac_ext <<_LT_EOF
#line 10208 "configure" #line 10210 "configure"
#include "confdefs.h" #include "confdefs.h"
#if HAVE_DLFCN_H #if HAVE_DLFCN_H
@ -10301,7 +10303,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<_LT_EOF cat > conftest.$ac_ext <<_LT_EOF
#line 10304 "configure" #line 10306 "configure"
#include "confdefs.h" #include "confdefs.h"
#if HAVE_DLFCN_H #if HAVE_DLFCN_H
@ -11647,6 +11649,11 @@ else
fi fi
DOC_PREFIX="${prefix}/doc/snort_ai_preprocessor"
SHARE_PREFIX="${prefix}/share/snort_ai_preprocessor"
# Checks for header files. # Checks for header files.
if test ! -z "`pkg-config --cflags libxml-2.0 2> /dev/null`"; then : if test ! -z "`pkg-config --cflags libxml-2.0 2> /dev/null`"; then :

3
configure.ac
View File

@ -128,6 +128,9 @@ AS_IF([test "x$prefix" == x/usr],
[AC_SUBST([CORR_RULES_PREFIX], ["/etc/snort/corr_rules"])], [AC_SUBST([CORR_RULES_PREFIX], ["/etc/snort/corr_rules"])],
[AC_SUBST([CORR_RULES_PREFIX], ["${prefix}/etc/corr_rules"])]) [AC_SUBST([CORR_RULES_PREFIX], ["${prefix}/etc/corr_rules"])])
AC_SUBST([DOC_PREFIX], ["${prefix}/doc/snort_ai_preprocessor"])
AC_SUBST([SHARE_PREFIX], ["${prefix}/share/snort_ai_preprocessor"])
# Checks for header files. # Checks for header files.
AS_IF([test ! -z "`pkg-config --cflags libxml-2.0 2> /dev/null`"], AS_IF([test ! -z "`pkg-config --cflags libxml-2.0 2> /dev/null`"],