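Author: literkid (literkid)
Board: NetSecurity
Title: [Notes] About SNORT being unable to plug in the example preprocessor
Time: Thu Sep 27 20:22:50 2007
I have already solved my problem; the summary is as follows: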
##################################################
spp_template.c: In function `SetupTemplate':
spp_template.c:100: warning: implicit declaration of function `DebugMessage'
spp_template.c:100: error: `DEBUG_PLUGIN' undeclared (first use in this
function)
spp_template.c:100: error: (Each undeclared identifier is reported only once
spp_template.c:100: error: for each function it appears in.)
spp_template.c: In function `TemplateInit':
spp_template.c:117: error: `DEBUG_PLUGIN' undeclared (first use in this
function)
spp_template.c:131: warning: passing arg 1 of `AddFuncToPreprocList' from
incompatible pointer type
spp_template.c:131: error: too few arguments to function
`AddFuncToPreprocList'
##################################################
1. error: `DEBUG_PLUGIN' undeclared
A: #include "debug.h"
I included the debug.h library in spp_template.c
2. warning: implicit declaration of function `DebugMessage'
A: DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN,"..."););
I wrapped DebugMessage() in DEBUG_WRAP()
But I don't know why the way the example is written causes a problem
3. warning: passing arg 1 of `AddFuncToPreprocList' from incompatible pointer
type
error: too few arguments to function `AddFuncToPreprocList'
A: The newer version of SNORT has changed the AddFuncToPreprocList() function
In SNORT 2.4.1 its type is PreprocessFuncNode *AddFuncToPreprocList(void (*func)(Packet *, void *))
In SNORT 2.6.1.5 its type is PreprocessFuncNode *AddFuncToPreprocList(void (*func)(Packet *, void *), unsigned short priority, unsigned int preproc_id)
So for now I have switched to running my program on SNORT 2.4.1
4.
##################################################
etc/snort.conf(803) unknown dynamic preprocessor "template"
ERROR: Misconfigured dynamic preprocessor(s)
Fatal Error, Quitting..
##################################################
A: Line 803 of my etc/snort.conf sets "preprocessor template"
so when I register the preprocessor's name in spp_template.c it must also be "template"
// RegisterPreprocessor("keyword", TemplateInit);
RegisterPreprocessor("template", TemplateInit);
If these two names do not match, this problem occurs; however, the example registers it as keyword
so the registered name must be changed
--
※ Posted from: PTT BBS (ptt.cc)
◆ From: 140.118.155.68
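The name mismatch in item 4, as an added example that is not part of the original post and is not Snort's code: a minimal C model of keyword lookup in which a `preprocessor <name>` config line fails unless an init function was registered under exactly that name. The helper names (`reg_add`, `reg_find`, `check_conf`, `run_with_keyword`) are hypothetical and the sample config is constructed.

```c
/* Added example, not Snort source: every helper name here is hypothetical. */
#include <stdio.h>
#include <string.h>
typedef void (*init_fn)(const char *args);
static struct reg { const char *keyword; init_fn init; } registry[16];
static int reg_count, init_calls;

/* Store an init function under the keyword the config file must use. */
static void reg_add(const char *keyword, init_fn init) {
    if (reg_count < 16) registry[reg_count++] = (struct reg){ keyword, init };
}

static init_fn reg_find(const char *keyword) {
    for (int i = 0; i < reg_count; i++)
        if (strcmp(registry[i].keyword, keyword) == 0) return registry[i].init;
    return NULL;
}
static void TemplateInit(const char *args) { (void)args; init_calls++; }

/* Return 0 if all "preprocessor <name>" lines resolve, else the first bad line number. */
static int check_conf(const char *conf) {
    char line[256], name[64];
    for (int lineno = 1; *conf; lineno++) {
        size_t len = strcspn(conf, "\n");
        snprintf(line, sizeof line, "%.*s", (int)len, conf);
        conf += len + (conf[len] == '\n');
        /* '#' comment lines fail the literal match and are skipped. */
        if (sscanf(line, " preprocessor%*[ \t]%63[^: \t\r]", name) != 1) continue;
        init_fn init = reg_find(name);
        if (!init) return lineno;
        init(line);
    }
    return 0;
}

static const char SAMPLE_CONF[] =
    "# preprocessor old_example (constructed sample, not a real snort.conf)\n"
    "var HOME_NET any\n"
    "preprocessor template: port 80\n";

static int run_with_keyword(const char *keyword) {
    reg_count = init_calls = 0;
    reg_add(keyword, TemplateInit);   /* must equal the name in the config */
    return check_conf(SAMPLE_CONF);
}

int main(void) {
    printf("%d %d\n", run_with_keyword("keyword"), run_with_keyword("template"));
    return 0;
}
```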
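1F: Push kindwarlock: It seems you are already a Snort expert~~ May I ask, within Snort, 09/28 09:05
2F: → kindwarlock: where can I find the code or algorithm the detection engine uses to match Rules?? 09/28 09:06
3F: → kindwarlock: Sorry, it's because my assignment is really stuck right here >< 09/28 09:07
4F: Push NESOKING: I'd like to ask about Not Using PCAP_FRAMES: on Windows, how do 09/29 02:55
5F: → NESOKING: I add PCAP_FRAMES=max ?! 09/29 02:56
7F: Push kindwarlock: Thanks, NES~~ I'll study it carefully~~ 10/02 08:44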