Debug (Debug. H, debug. C) in Snort)

# Define debug_variable "snort_debug"
The system environment variable contains a variable named snort_debug.
Next is the macro definition of debug_lever of each module.

1 # Define Debug_all 0 xffffffff
2 # Define Debug_init 0x00000001/* 1 */
3 # Define Debug_configrules 0x00000002/* 2 */
4 # Define Debug_plugin 0x00000004/* 4 */
5 # Define Debug_datalink 0x00000008/* 8 */
6 # Define Debug_ip 0x00000010/* 16 */
7 # Define Debug_tcpudp 0x00000020/* 32 */
8 # Define Debug_decode 0x00000040/* 64 */
9 # Define Debug_log 0x00000080/* 128 */
10 # Define Debug_mstring 0x00000100/* 256 */
11 # Define Debug_parser 0x00000200/* 512 */
12 # Define Debug_plugbase 0x00000400/* 1024 */
13 # Define Debug_rules 0x00000800/* 2048 */
14 # Define Debug_flow 0x00001000/* 4096 */
15 # Define Debug_stream 0x00002000/* 8192 */
16 # Define Debug_pattern_match 0x00004000/* 16384 */
17 # Define Debug_detect 0x00008000/* 32768 */
18 # Define Debug_converation 0x00010000/* 65536 */
19 # Define Debug_frag2 0x00020000/* 131072 */
20 # Define Debug_http_decode 0x00040000/* 262144 */
21 # Define Debug_portscan2 0x00080000/* 524288/(+ conv2) 589824 */
22 # Define Debug_rpc 0x00100000/* 1048576 */
23 # Define Debug_flowsys 0x00200000/* 2097152 */
24 # Define Debug_httpinspect 0x00400000/* 4194304 */
25 # Define Debug_stream_state 0x00800000/* 8388608 */
26 # Define Debug_asn1 0x01000000/* 16777216 */

Int getdebuglevel (void); description.

1 Int Getdebuglevel ( Void )
2 {
3 Static   Int Debug_init =   0 ;
4 Static   Int Debug_level =   0 ;
5
6 If (Debug_init) {
7ReturnDebug_level; // If initialized, the system returns the debug_level
8}
9 // If it is not initialized, debug_level is retrieved from the environment variable.
10 If (Getenv (debug_variable ))
11 Debug_level = Atoi (getenv (debug_variable ));
12 Else
13 Debug_level =   0 ; // If no environment variable is set, debug_lever = 0
14 // Debug_init = 1 after the debugging level is set
15 Debug_init =   1 ;
16 Return Debug_level;
17 }

Int debugthis (INT level ); Int Debugthis ( Int Level)
{
// Determine whether the system needs to debug this module
// Method: Use the level of this module and the debug_variable set by the system.
If ( ! (Level & Getdebuglevel ()))
{
Return 0;
}
Return   1 ;
}

# Define debugmessage debugmessagefile = _ file __; debugmessageline = _ line __; debugmessagefunc

Void debugmessagefunc (INT, char *,...);
The preceding combination uses debugmessage (INT, char *,...);

Void Debugmessagefunc ( Int Level, Char   * FMT ,)
{
Va_list AP;
Char Buf [std_buf + 1 ];

If ( ! (Level & Getdebuglevel ()))
{
Return;
}

/**/ /*Filename and line number information*/
If (Debugmessagefile ! = Null)
Printf ( " % S: % d: " , Debugmessagefile, debugmessageline );

Va_start (AP, FMT );

If (Pv. daemon_flag)
{
Vsnprintf (BUF, std_buf, FMT, AP );
Syslog (log_daemon|Log_debug,"% S", Buf );
}
Else
{
Vprintf (FMT, AP );
}

Va_end (AP );
}

I did not understand a few questions in the past. After checking the information, I will summarize it as follows:

For several macros of VA variable parameters, VA must include <stdarg. h>
Va_list is a pointer to a parameter.
Void va_start (va_list arg_ptr, prev_param );
Type va_arg (va_list arg_ptr, type); return a variable parameter, type specifies the type of the returned
Void va_end (va_list arg_ptr );
In addition, there are some input and output stuff .... All input is replaced by printf with scanf.
# Include <stdio. h>
Int printf (const char * format ,...);
Int fprintf (File * stream, const char * format ,...);
Int sprintf (char * STR, const char * format ,...);
Int snprintf (char * STR, size_t size, const char * format ,...);

# Include <stdarg. h>

Int vprintf (const char * format, va_list AP );
Int vfprintf (File * stream, const char * format, va_list AP );
Int vsprintf (char * STR, const char * format, va_list AP );
Int vsnprintf (char * STR, size_t size, const char * format, va_list AP );

description
printf functions generate output content based on the following format parameters. the printf and vprintf functions write the output content to stdout, that is, the standard output stream. The fprintf and vfprintf functions write the output content to the given stream; sprintf, snprintf, the vsprintf and vsnprintf functions store the output content in the STR string.
these functions control the output content by the format string format parameter, which indicates how to access the following parameters (or parameters through the stdarg (3) Variable Length Parameter mechanism) convert to output content. these functions return the number of printed characters (excluding '\ 0' at the end of the string '). the output of snprintf and vsnprintf does not exceed the size byte (including '\ 0' at the end). If the output content is truncated due to this restriction, the function returns-1.
the format string (the format parameter) consists of zero to multiple commands: common characters (except %), which are unblocked and sent to the output stream; conversion specification. Each format conversion instruction extracts zero to multiple parameters from the end. format conversion starts with % characters. the parameter must be correctly mapped to the conversion specifier.