diff options
| author | John-Lin <linton.tw@gmail.com> | 2014-08-30 01:51:14 +0800 |
|---|---|---|
| committer | FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> | 2014-09-01 15:16:05 +0900 |
| commit | bbb7724423d79532e10450e1a250fb46e5215416 (patch) | |
| tree | 11864cf0fb6f781d4ecf8c5a6e1b65311c33656a /doc/source/_templates | |
| parent | 86550bf89869ca1ee834f514cb90ab7f0acaf9a8 (diff) | |
Snort integrate: Add the snort lib supporting snort integration. Add an sample application simple_switch_snort.py which can dump alert message.
When there is a Snort alert message, Ryu will receive an event called EventAlert.
You can easily define the event handler in the method which using ‘set_ev_cls’
decorator with snortlib.EventAlert parameter.
The simple_switch_snort.py can install a flow that mirroring incoming packets to the snort's NIC
which correspond the OpenFlow switch on port 3 (by default).
There are two methods that sending alert message to Ryu.
1. Ryu and Snort are both on the same machine.
Ryu receives alert message via Unix Domain Socket.
2. Ryu and Snort are separate on different machines.
Ryu receives alert message via Network Socket.
More detail see doc/snort_integrate.rst
Signed-off-by: Che-Wei Lin <linton.tw@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
Diffstat (limited to 'doc/source/_templates')
0 files changed, 0 insertions, 0 deletions