/*
 * Excerpt of a seed-derivation routine: the listing omits the enclosing
 * signature, the declarations of `i` and `seed`, and the return statement.
 * It is presumably the body of time_seed(), which main() passes to srand();
 * confirm against the full file.
 *
 * Security note: the only input is the current wall-clock time, so the
 * resulting seed can be reproduced by anyone who knows roughly when the
 * process started. It must not be used to derive keys, tokens or other
 * values that have to be unpredictable.
 */
8 time_t now = time ( 0 );
/* View the time_t object as raw bytes; access through unsigned char * is
 * permitted for any object type. */
9 unsigned char *p = (unsigned char *)&now;
/* Fold every byte of `now` into the seed with a multiply-and-add step
 * (multiplier 100 + 2U == 102). */
13 for ( i = 0; i < sizeof now; i++ )
14 seed = seed * ( 100 + 2U ) + p[i];
/*
 * Help-text printer (the enclosing function header is not part of this
 * listing). Every call passes a constant string with no conversion
 * specifiers, so no runtime data is formatted here.
 *
 * The text describes Snort's command-line options. NOTE(review): the getopt()
 * string visible in main() accepts only h, b, f, V and ?, so most of the
 * options documented below do not appear to be parsed by this program;
 * confirm against the omitted lines.
 */
21 printf(" -A Set alert mode: fast, full, console, test or none ");
22 printf(" (alert file alerts only)\n");
23 printf(" \"unsock\" enables UNIX socket logging (experimental).\n");
24 printf(" -b Log packets in tcpdump format (much faster!)\n");
25 printf(" -B <mask> Obfuscated IP addresses in alerts and packet dumps using CIDR mask\n");
26 printf(" -c <rules> Use Rules File <rules>\n");
27 printf(" -C Print out payloads with character data only (no hex)\n");
28 printf(" -d Dump the Application Layer\n");
29 printf(" -D Run Snort in background (daemon) mode\n");
30 printf(" -e Display the second layer header info\n");
31 printf(" -f Turn off fflush() calls after binary log writes\n");
32 printf(" -F <bpf> Read BPF filters from file <bpf>\n");
33 printf(" -g <gname> Run snort gid as <gname> group (or gid) after initialization\n");
34 printf(" -G <0xid> Log Identifier (to uniquely id events for multiple snorts)\n");
35 printf(" -h <hn> Home network = <hn>\n");
36 printf(" -H Make hash tables deterministic.\n");
37 printf(" -i <if> Listen on interface <if>\n");
38 printf(" -I Add Interface name to alert output\n");
39 printf(" -J <port> ipfw divert socket <port> to listen on vice libpcap (FreeBSD only)\n");
40 printf(" -k <mode> Checksum mode (all,noip,notcp,noudp,noicmp,none)\n");
41 printf(" -K <mode> Logging mode (pcap[default],ascii,none)\n");
42 printf(" -l <ld> Log to directory <ld>\n");
43 printf(" -L <file> Log to this tcpdump file\n");
44 printf(" -M Log messages to syslog (not alerts)\n");
45 printf(" -m <umask> Set umask = <umask>\n");
46 printf(" -n <cnt> Exit after receiving <cnt> packets\n");
47 printf(" -N Turn off logging (alerts still work)\n");
48 printf(" -o Change the rule testing order to Pass|Alert|Log\n");
49 printf(" -O Obfuscate the logged IP addresses\n");
50 printf(" -p Disable promiscuous mode sniffing\n");
/* NOTE(review): the "(default: )" text below is empty; a default snaplen
 * value looks to have been dropped from the string. */
51 printf(" -P <snap> Set explicit snaplen of packet (default: )\n");
52 printf(" -q Quiet. Don't show banner and status report\n");
53 printf(" -Q Use ip_queue for input vice libpcap (iptables only)\n");
54 printf(" -r <tf> Read and process tcpdump file <tf>\n");
55 printf(" -R <id> Include 'id' in snort_intf<id>.pid file name\n");
56 printf(" -s Log alert messages to syslog\n");
57 printf(" -S <n=v> Set rules file variable n equal to value v\n");
58 printf(" -t <dir> Chroots process to <dir> after initialization\n");
59 printf(" -T Test and report on the current Snort configuration\n");
60 printf(" -u <uname> Run snort uid as <uname> user (or uid) after initialization\n");
61 printf(" -U Use UTC for timestamps\n");
62 printf(" -v Be verbose\n");
63 printf(" -V Show version number\n");
64 printf(" -X Dump the raw packet data starting at the link layer\n");
65 printf(" -x Exit if Snort configuration problems occur\n");
66 printf(" -y Include year in timestamp in the alert and log files\n");
67 printf(" -Z <file> Set the performonitor preprocessor file path and name\n");
68 printf(" -? Show this information\n");
69 printf("<Filter Options> are standard BPF options, as seen in TCPDump\n");
71 printf("Longname options and their corresponding single char version\n");
72 printf(" --logid <0xid> Same as -G\n");
73 printf(" --perfmon-file <file> Same as -Z\n");
74 printf(" --pid-path <dir> Specify the directory for the Snort PID file\n");
75 printf(" --snaplen <snap> Same as -P\n");
76 printf(" --help Same as -?\n");
77 printf(" --version Same as -V\n");
78 printf(" --alert-before-pass Process alert, drop, sdrop, or reject before pass, default is pass before alert, drop,...\n");
79 printf(" --treat-drop-as-alert Converts drop, sdrop, and reject rules into alert rules during startup\n");
80 printf(" --process-all-events Process all queued events (drop, alert,...), default stops after 1st action group\n");
81 printf(" --dynamic-engine-lib <file> Load a dynamic detection engine\n");
82 printf(" --dynamic-engine-lib-dir <path> Load all dynamic engines from directory\n");
83 printf(" --dynamic-detection-lib <file> Load a dynamic rules library\n");
84 printf(" --dynamic-detection-lib-dir <path> Load all dynamic rules libraries from directory\n");
85 printf(" --dump-dynamic-rules <path> Creates stub rule files of all loaded rules libraries\n");
86 printf(" --dynamic-preprocessor-lib <file> Load a dynamic preprocessor library\n");
87 printf(" --dynamic-preprocessor-lib-dir <path> Load all dynamic preprocessor libraries from directory\n");
88 printf(" --dump-dynamic-preproc-genmsg <path> Creates gen-msg.map files of all loaded preprocessor libraries\n");
89 printf(" --create-pidfile Create PID file, even when not in Daemon mode\n");
90 printf(" --nolock-pidfile Do not try to lock Snort PID file\n");
91 printf(" --disable-inline-initialization Do not perform the IPTables initialization in inline mode.\n");
92 printf(" --disable-inline-init-failopen Do not fail open and pass packets while initializing with inline mode.\n");
93 printf(" --disable-attribute-reload-thread Do not create a thread to reload the attribute table\n");
94 printf(" --pcap-single <tf> Same as -r.\n");
95 printf(" --pcap-file <file> file that contains a list of pcaps to read - read mode is implied.\n");
96 printf(" --pcap-list \"<list>\" a space separated list of pcaps to read - read mode is implied.\n");
97 printf(" --pcap-dir <dir> a directory to recurse to look for pcaps - read mode is implied.\n");
98 printf(" --pcap-filter <filter> filter to apply when getting pcaps from file or directory.\n");
99 printf(" --pcap-no-filter reset to use no filter when getting pcaps from file or directory.\n");
100 printf(" --pcap-loop <count> this option will read the pcaps specified on command line continuously.\n");
101 printf(" for <count> times. A value of 0 will read until Snort is terminated.\n");
102 printf(" --pcap-reset if reading multiple pcaps, reset snort to post-configuration state before reading next pcap.\n");
103 printf(" --pcap-show print a line saying what pcap is currently being read.\n");
104 printf(" --exit-check <count> Signal termination after <count> callbacks from pcap_dispatch(), showing the time it\n");
105 printf(" takes from signaling until pcap_close() is called.\n");
106 printf(" --conf-error-out Same as -x\n");
/*
 * Program entry point (excerpt: local declarations, the option-handling
 * body and both loop bodies are not part of this listing).
 *
 * Visible behaviour: seed the C library PRNG from the clock, parse a small
 * set of options with getopt(), then draw rand() values for `r` and for a
 * loop bound.
 *
 * Security note: rand() seeded from the current time is predictable, so
 * nothing derived from it here should be treated as unguessable.
 */
111 int main(int argc, char *argv[ ]) {
112 //printf("goodtimes\n");
/* Seed rand() once at startup; the seed depends only on the wall clock. */
116 srand ( time_seed() );
/* The leading ':' makes getopt() return ':' for a missing option argument.
 * NOTE(review): "b" and "f:" are listed twice in the option string, which is
 * redundant, and listing '?' as an option makes -? indistinguishable from
 * getopt()'s '?' return for an unknown option. */
117 while ((c = getopt(argc, argv, ":hbf:Vbf:?")) != -1) {
132 //srand ( time_seed() );
/* rand() % 999 + 1 gives a value in 1..999. */
133 r = rand() %(1000-1)+1;
/* The bound is re-evaluated with two fresh rand() calls on every iteration,
 * so the iteration count is random. NOTE(review): rand()+rand() is a signed
 * int addition; where RAND_MAX equals INT_MAX (e.g. glibc) it can overflow,
 * which is undefined behaviour. The type of `count` is not shown; confirm. */
134 while (count<(rand()+rand())) {
137 //printf("%d - %d\n",r, time_seed());