我已經解決我的問題了，總結如下： ################################################## spp_template.c: In function `SetupTemplate': spp_template.c:100: warning: implicit declaration of function `DebugMessage' spp_template.c:100: error: `DEBUG_PLUGIN' undeclared (first use in this function) spp_template.c:100: error: (Each undeclared identifier is reported only once spp_template.c:100: error: for each function it appears in.) spp_template.c: In function `TemplateInit': spp_template.c:117: error: `DEBUG_PLUGIN' undeclared (first use in this function) spp_template.c:131: warning: passing arg 1 of `AddFuncToPreprocList' from incompatible pointer type spp_template.c:131: error: too few arguments to function `AddFuncToPreprocList' ################################################## 1. error: `DEBUG_PLUGIN' undeclared A: #include "debug.h" 我在spp_template.c引入debug.h的函式庫 2. warning: implicit declaration of function `DebugMessage' A: DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN,"..."); 我用DEBUG_WRAP()把DebugMessage()包起來 不過我不知道為何範例的寫法會有問題 3. warning: passing arg 1 of `AddFuncToPreprocList' from incompatible pointer type error: too few arguments to function `AddFuncToPreprocList' A: 新版的SNORT已經改過AddFuncToPreprocList()這個函式 SNORT2.4.1裡的型態為PreprocessFuncNode *AddFuncToPreprocList(void (*func) (Packet *, void *)) SNORT2.6.1.5裡的型態為PreprocessFuncNode *AddFuncToPreprocList(void (*func) (Packet *, void *), unsigned short priority, unsigned int preproc_id) 所以我目前改在SNORT2.4.1執行我的程式 4. ################################################## etc/snort.conf(803) unknown dynamic preprocessor "template" ERROR: Misconfigured dynamic preprocessor(s) Fatal Error, Quitting.. ################################################## A: 我在etc/snort.conf第803行是設定"preprocessor template" 所以我在spp_template.c註冊preprocessor的名稱時也要為"template" // RegisterPreprocessor("keyword", TemplateInit); RegisterPreprocessor("template", TemplateInit); 如果這兩個名稱不符合就會發生這個問題，然而範例是註冊為keyword 所以一定要去修改註冊的名稱 -- ※ 發信站: 批踢踢實業坊(ptt.cc) ◆ From: 140.118.155.68