| Age | Commit message (Collapse) | Author |
|---|
|
Currently, snort_integrate page is not included into toctree,
and it is difficult for user to find this page.
This patch adds snort_integrate page into toctree,
and removes warnings when building this page.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Remove the wrong way to get IP and bind with it.
Binding with '0.0.0.0' and listen on all host.
Update and fix typos in the snort_integrate.rst document.
Fix the problem about pigrelay reconnect to ryu will not be accepted.
Pigrelay is a program running on Snort that receive Snort alert
from UNIX socket and send to Ryu via network socket.
Signed-off-by: Che-Wei Lin <linton.tw@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
sample application simple_switch_snort.py which can dump alert message.
When there is a Snort alert message, Ryu will receive an event called EventAlert.
You can easily define the event handler in the method which using ‘set_ev_cls’
decorator with snortlib.EventAlert parameter.
The simple_switch_snort.py can install a flow that mirroring incoming packets to the snort's NIC
which correspond the OpenFlow switch on port 3 (by default).
There are two methods that sending alert message to Ryu.
1. Ryu and Snort are both on the same machine.
Ryu receives alert message via Unix Domain Socket.
2. Ryu and Snort are separate on different machines.
Ryu receives alert message via Network Socket.
More detail see doc/snort_integrate.rst
Signed-off-by: Che-Wei Lin <linton.tw@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
