
Re: [PATCH] filter on session age: msg#00000

security.ids.snort.devel

Subject: Re: [PATCH] filter on session age

Hi Stephan, Kees--

It should NOT be done this way.... the Stream API (see stream_api.h)
has functions to access data for a given Session/Stream. It will
be used going forward -- direct use of stream.h has been removed
from all other areas of the code.

This is being done to have a well defined interface to Stream to
ease integration with a new streaming engine when it is ready.

Cheers.
-steve

Stephan wrote:
> Hi Kees
>
> The patch compiles and works (with Snort 2.6.0) after I had applied the
> following patch (otherwise the struct Session wasn't found):
> ***********
> --- sp_age_check.c.orig 2006-07-25 10:15:33.808324000 +0200
> +++ sp_age_check.c 2006-07-25 10:15:50.808329000 +0200
> @@ -52,6 +52,9 @@
> #include "plugin_enum.h"
> #include "util.h"
> #include "sp_age_check.h"
> +#define _STREAM4_INTERNAL_USAGE_ONLY_
> +#include "stream.h"
> +#undef _STREAM4_INTERNAL_USAGE_ONLY_
>
>
> typedef struct _AgeCheckData
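Review bot: The added `#define _STREAM4_INTERNAL_USAGE_ONLY_` around `#include "stream.h"` makes sp_age_check.c depend on a header that the macro name itself marks as internal to Stream4, only so that `struct Session` resolves. As the reply above says, session data should be read through the functions declared in stream_api.h. Suggest dropping these three lines and including stream_api.h instead, so the plugin does not rely on the layout of `struct Session` and is not tied to the current stream implementation. If the internal include has to stay for now, add a comment above it saying which `Session` fields the plugin reads.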
> ***********
>
> I wrote a detection plugin to measure the entropy of packets.
>
>
> Best regards,
> Stephan Toggweiler
>
>
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share your
> opinions on IT & business topics through brief surveys -- and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> _______________________________________________
> Snort-devel mailing list
> Snort-devel@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/snort-devel
>

