and VS2019. Ran 32- and 64-bit SNFMultiTest program. Removed from 32bitDLL and 64bitDLL files created by the build procedure. Added to 32bitDLL the needed DLLs, and removed old DLLs.
IMPORTANT!! | IMPORTANT!! | ||||
The libgcc_s_dw2-1.dll, libstdc++-6.dll, and snfmulti.dll from this | |||||
distribution _MUST_ be kept together. There are multiple versions of | |||||
libgcc_s_dw2-1.dll and libstdc++-6.dll. Other versions may not be | |||||
compatible with this distribution. | |||||
The libgcc_s_sjlj-1.dll, libwinpthread-1.dll, libstdc++-6.dll, and | |||||
snfmulti.dll from this distribution _MUST_ be kept together, and must | |||||
be on the path. There are multiple versions of these files. Other | |||||
versions may not be compatible with this distribution. | |||||
If you experience errors such as segmentation faults or "The | If you experience errors such as segmentation faults or "The | ||||
application failed to initialize" then the most likely reason is that | application failed to initialize" then the most likely reason is that | ||||
an incompatible version of libgcc_s_dw2-1.dll or libstdc++-6.dll is | |||||
being loaded by snfmulti.dll. | |||||
an incompatible version of libgcc_s_sjlj-1.dll, libwinpthread-1.dll, | |||||
or libstdc++-6.dll is being loaded by snfmulti.dll. | |||||
EXPORTS | |||||
closeScan @1 | |||||
getIPReputation @2 | |||||
getScanClassicLog @3 | |||||
getScanResult @4 | |||||
getScanXHeaders @5 | |||||
getScanXMLLog @6 | |||||
scanBuffer @7 | |||||
scanFile @8 | |||||
setThrottle @9 | |||||
shutdownSNF @10 | |||||
startupSNF @11 | |||||
startupSNFAuthenticated @12 | |||||
testIP @13 |
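Review bot: the paragraph naming libgcc_s_sjlj-1.dll, libwinpthread-1.dll, libstdc++-6.dll and snfmulti.dll says they "must be on the path", but a PATH lookup is exactly how a different copy of libstdc++-6.dll ends up being loaded, which is the failure the next paragraph describes. Consider telling users to keep the four files in the directory of the executable that loads snfmulti.dll, since that directory is searched before PATH, and keep the PATH wording only as a fallback.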
IMPORTANT!! | IMPORTANT!! | ||||
The libgcc_s_sjlj-1.dll and snfmulti.dll from this distribution _MUST_ | |||||
be kept together. There are multiple versions of | |||||
libgcc_s_sjlj-1.dll. Other versions may not be compatible with this | |||||
distribution. | |||||
If you experience errors such as segmentation faults or "The | |||||
application failed to initialize" then the most likely reason is that | |||||
an incompatible version of the libgcc_s_sjlj-1.dll is being loaded by | |||||
snfmulti.dll. | |||||
The snfmulti.dll from this distribution _MUST_ be on the path when | |||||
running programs that make SNFMulti calls. |
EXPORTS | |||||
closeScan @1 | |||||
getIPReputation @2 | |||||
getScanClassicLog @3 | |||||
getScanResult @4 | |||||
getScanXHeaders @5 | |||||
getScanXMLLog @6 | |||||
scanBuffer @7 | |||||
scanFile @8 | |||||
setThrottle @9 | |||||
shutdownSNF @10 | |||||
startupSNF @11 | |||||
startupSNFAuthenticated @12 | |||||
testIP @13 |
README file for command files for building SNFServer library and applications | README file for command files for building SNFServer library and applications | ||||
Copyright (c) 2009 ARM Research Laboratories | |||||
Copyright (c) 2009, 2020 ARM Research Laboratories | |||||
This is the README file for building the SNFMulti library and | This is the README file for building the SNFMulti library and | ||||
SNFMultiTest application using the 64-bit MinGW toolchain. | SNFMultiTest application using the 64-bit MinGW toolchain. | ||||
directory. The source files are in the ../SNFMulti and | directory. The source files are in the ../SNFMulti and | ||||
../CodeDweller directories. | ../CodeDweller directories. | ||||
2) Run "buildSNFMultiDLL.cmd". This builds snfmulti.dll, | 2) Run "buildSNFMultiDLL.cmd". This builds snfmulti.dll, | ||||
libsnfmulti.a, and snfmulti.def. These are the same files built | |||||
by Code::Blocks. | |||||
libsnfmulti.a, and snfmulti.def. | |||||
To build the import and export SNFMulti libraries for VS2008: | |||||
To build the import and export SNFMulti libraries for VS2019: | |||||
1) With the VS2008 command prompt, run "buildVS2008SNFMultiImportLib.cmd". | |||||
This reads snfmulti.def and creates vs2008_snfmulti.lib (the SNFMulti import | |||||
library) and vs2008_snfmulti.exp (the SNFMulti export library). | |||||
1) With the VS2019 command prompt, run "buildVS2019SNFMultiImportLib.cmd". | |||||
This reads snfmulti.def and creates vs2019_snfmulti.lib (the SNFMulti import | |||||
library) and vs2019_snfmulti.exp (the SNFMulti export library). | |||||
To copy to where the sample programs can find the files: | To copy to where the sample programs can find the files: | ||||
To run SNFMultiTest: | To run SNFMultiTest: | ||||
1) Make sure that all DLLs required by MinGW are available to | 1) Make sure that all DLLs required by MinGW are available to | ||||
SNFMultiTest. For example, MinGW 5.1.4 needs mingwm10.dll, which | |||||
is in \MinGW\bin. | |||||
SNFMultiTest. The required files are in ../32bitDLL. | |||||
2) Make sure that the sniffer configuration file is named | 2) Make sure that the sniffer configuration file is named | ||||
prescale.xml, and is in the current directory. A suitable | prescale.xml, and is in the current directory. A suitable | ||||
configuration file is ..\SNFMultiSDK_Windows_3.1\snf_engine.xml. | |||||
configuration file is ..\MinGW-64\prescale.xml. | |||||
3) Enter :SNFMultiTest" at the command line. |
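Review bot: the unchanged introduction still says this README covers "the 64-bit MinGW toolchain", while the run step points at ../32bitDLL; one of the two is wrong for this directory, and the reference to ..\MinGW-64\prescale.xml raises the same question. The last step also reads `Enter :SNFMultiTest"`, with a stray colon where the opening quote belongs.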
setlocal | setlocal | ||||
del snfmulti.dll snfmulti.def libsnfmulti.a | del snfmulti.dll snfmulti.def libsnfmulti.a | ||||
REM set path=c:\MinGW\bin;%path% | REM set path=c:\MinGW\bin;%path% | ||||
set path=c:\Program Files\MinGW-W64\x86_64-8.1.0-posix-seh-rt_v6-rev0\mingw64\bin;%path% | |||||
set path=c:\Program Files (x86)\MinGW-W64\i686-8.1.0-posix-sjlj-rt_v6-rev0\mingw32\bin;%path% | |||||
set CXX=c++ | set CXX=c++ | ||||
REM set LIB=c:\MinGW\lib\libws2_32.a -loleaut32 | REM set LIB=c:\MinGW\lib\libws2_32.a -loleaut32 | ||||
set LIB="c:\Program Files\MinGW-W64\x86_64-8.1.0-posix-seh-rt_v6-rev0\mingw64\x86_64-w64-mingw32\lib\libws2_32.a" -loleaut32 | |||||
set LIB="c:\Program Files (x86)\mingw-w64\i686-8.1.0-posix-sjlj-rt_v6-rev0\mingw32\i686-w64-mingw32\lib\libws2_32.a" -loleaut32 | |||||
set LDFLAGS=-Wl,--output-def=snfmulti.def -Wl,--out-implib=libsnfmulti.a -Wl,-dll | set LDFLAGS=-Wl,--output-def=snfmulti.def -Wl,--out-implib=libsnfmulti.a -Wl,-dll | ||||
%CXX% -shared -o snfmulti.dll %LDFLAGS% snfmultidll.o FilterChain.o GBUdb.o mangler.o scanner.o snfCFGmgr.o snf_engine.o snfGBUdbmgr.o snf_HeaderFinder.o snfLOGmgr.o SNFMulti.o snfNETmgr.o snf_sync.o snf_xci.o snfXCImgr.o base64codec.o configuration.o networking.o threading.o timing.o %LIB% | %CXX% -shared -o snfmulti.dll %LDFLAGS% snfmultidll.o FilterChain.o GBUdb.o mangler.o scanner.o snfCFGmgr.o snf_engine.o snfGBUdbmgr.o snf_HeaderFinder.o snfLOGmgr.o SNFMulti.o snfNETmgr.o snf_sync.o snf_xci.o snfXCImgr.o base64codec.o configuration.o networking.o threading.o timing.o %LIB% |
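Review bot: the link line for snfmulti.dll passes neither -static-libgcc nor -static-libstdc++, so a DLL built with the posix-sjlj toolchain depends on the compiler runtime DLLs that the distribution README says must be kept together with it. The SNFMultiTest build script in this commit carries both flags in CXXFLAGS; if the exported interface is plain C, adding them to LDFLAGS here would remove the version-mismatch failure the README warns about. If dynamic runtime linking is intended, a REM line saying so would help the next maintainer.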
setlocal | setlocal | ||||
REM set path=c:\MinGW\bin;%path% | |||||
REM set LIB=c:\MinGW\lib\libws2_32.a | |||||
del SNFMultiTest.exe | del SNFMultiTest.exe | ||||
set path=c:\MinGW\bin;%path% | |||||
set path=c:\Program Files (x86)\MinGW-W64\i686-8.1.0-posix-sjlj-rt_v6-rev0\mingw32\bin;%path% | |||||
set CXX=c++ | set CXX=c++ | ||||
set CXXFLAGS=-I../include -I../SNFMulti -I../CodeDweller -I.. -mthreads | |||||
set LIB=c:\MinGW\lib\libws2_32.a | |||||
set CXXFLAGS=-I../include -I../SNFMulti -I../CodeDweller -I.. -mthreads -static-libgcc -static-libstdc++ | |||||
set LIB="c:\Program Files (x86)\mingw-w64\i686-8.1.0-posix-sjlj-rt_v6-rev0\mingw32\i686-w64-mingw32\lib\libws2_32.a" | |||||
set LDFLAGS=-L. -lSNFMulti | set LDFLAGS=-L. -lSNFMulti | ||||
%CXX% ../SNFMultiTest/main.cpp ../CodeDweller/timing.cpp ../CodeDweller/threading.cpp %CXXFLAGS% -o SNFMultiTest.exe %LDFLAGS% | %CXX% ../SNFMultiTest/main.cpp ../CodeDweller/timing.cpp ../CodeDweller/threading.cpp %CXXFLAGS% -o SNFMultiTest.exe %LDFLAGS% |
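Review bot: LIB is set to the libws2_32.a path, but the compile line ends with `%CXXFLAGS% -o SNFMultiTest.exe %LDFLAGS%` and never references %LIB%, so the assignment has no effect on the build. Either append %LIB% to the command as buildSNFMultiDLL.cmd does, or drop the set LIB line together with its REM'd predecessor.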
DEL vs2019_snfmulti.* | |||||
LIB /DEF:SNFMulti.def /OUT:vs2019_snfmulti.lib /MACHINE:X86 |
setlocal | setlocal | ||||
REM set path=c:\MinGW\bin;%path% | REM set path=c:\MinGW\bin;%path% | ||||
set path=c:\Program Files\MinGW-W64\x86_64-8.1.0-posix-seh-rt_v6-rev0\mingw64\bin;%path% | |||||
REM set path=c:\Program Files\MinGW-W64\x86_64-8.1.0-win32-seh-rt_v6-rev0\mingw64\bin;%path% | |||||
set path=c:\Program Files (x86)\MinGW-W64\i686-8.1.0-posix-sjlj-rt_v6-rev0\mingw32\bin;%path% | |||||
set CXX=c++ | set CXX=c++ | ||||
set CXXFLAGS=-I../CodeDweller -I../SNFMulti -mthreads -O3 -m32 -D_USE_32BIT_TIME_T | |||||
set CXXFLAGS=-I../CodeDweller -I../SNFMulti -mthreads -O3 -m32 -D_USE_32BIT_TIME_T -std=c++11 -DWIN32 | |||||
del *.o | del *.o | ||||
%CXX% %CXXFLAGS% -c ../SNFMulti/FilterChain.cpp -o FilterChain.o | %CXX% %CXXFLAGS% -c ../SNFMulti/FilterChain.cpp -o FilterChain.o | ||||
%CXX% %CXXFLAGS% -c ../SNFMulti/GBUdb.cpp -o GBUdb.o | %CXX% %CXXFLAGS% -c ../SNFMulti/GBUdb.cpp -o GBUdb.o |
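Review bot: the updated CXXFLAGS line keeps -D_USE_32BIT_TIME_T alongside the new -std=c++11 -DWIN32. A 32-bit time_t runs out in January 2038, and callers built with VS2019 default to a 64-bit time_t, so anything that passes a time_t or a struct containing one between the caller and snfmulti.dll would disagree on its size. If nothing in the exported interface depends on the define, drop it; otherwise state the requirement in the README.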
set DESTDIR=..\32bitDll | set DESTDIR=..\32bitDll | ||||
COPY snfmulti.dll %DESTDIR% | COPY snfmulti.dll %DESTDIR% | ||||
COPY snfmulti.def %DESTDIR% | COPY snfmulti.def %DESTDIR% | ||||
COPY vs2008_snfmulti.* %DESTDIR% | |||||
COPY vs2019_snfmulti.* %DESTDIR% |
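Review bot: the script copies snfmulti.dll, snfmulti.def and vs2019_snfmulti.* but none of the MinGW runtime DLLs that the distribution README requires alongside snfmulti.dll; the commit message describes adding those to 32bitDLL as a separate step. Copying them here from the bin directory of the toolchain used for the build would keep the shipped runtime in step with the compiler that produced the DLL.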
README file for command files for building SNFServer library and applications | README file for command files for building SNFServer library and applications | ||||
Copyright (c) 2009-2012 ARM Research Laboratories | |||||
Copyright (c) 2009, 2020 ARM Research Laboratories | |||||
This is the README file for building the SNFMulti library and | This is the README file for building the SNFMulti library and | ||||
SNFMultiTest application using the 64-bit MinGW toolchain. | SNFMultiTest application using the 64-bit MinGW toolchain. | ||||
Prerequisites | |||||
1) Install the 64-bit MinGW compiler in C:\MinGW-64. | |||||
2) Modify the MinGW distribution as follows: | |||||
a) Modify c:\mingw-64\x86_64-w64-mingw32\include\winioctl.h: | |||||
Change "Unknown" enumeration name to "_Unknown" (at approximately line 490). | |||||
b) Modify c:\mingw-64\x86_64-w64-mingw32\include\math.h: | |||||
Command out "struct exception;" (at approximately line 15). | |||||
To build SNFMulti.dll | To build SNFMulti.dll | ||||
1) Run "compileSNFMultiDLL.cmd". This compiles the SNFMulti files | 1) Run "compileSNFMultiDLL.cmd". This compiles the SNFMulti files | ||||
../CodeDweller directories. | ../CodeDweller directories. | ||||
2) Run "buildSNFMultiDLL.cmd". This builds snfmulti.dll, | 2) Run "buildSNFMultiDLL.cmd". This builds snfmulti.dll, | ||||
libsnfmulti.a, and snfmulti.def. These are the same files built | |||||
by Code::Blocks. | |||||
libsnfmulti.a, and snfmulti.def. | |||||
To build the import and export SNFMulti libraries for VS2008: | To build the import and export SNFMulti libraries for VS2008: | ||||
1) With the VS2008 command prompt, run "buildVS2008SNFMultiImportLib.cmd". | |||||
This reads snfmulti.def and creates vs2008_snfmulti.lib (the SNFMulti import | |||||
library) and vs2008_snfmulti.exp (the SNFMulti export library). | |||||
1) With the VS2019 command prompt, run "buildVS2019SNFMultiImportLib.cmd". | |||||
This reads snfmulti.def and creates vs2019_snfmulti.lib (the SNFMulti import | |||||
library) and vs2019_snfmulti.exp (the SNFMulti export library). | |||||
To copy to where the sample programs can find the files: | To copy to where the sample programs can find the files: | ||||
To run SNFMultiTest: | To run SNFMultiTest: | ||||
1) Make sure that all DLLs required by MinGW are available to | |||||
SNFMultiTest. For example, MinGW-64 with gcc 4.4.0 needs | |||||
libgcc_s_sjlj-1.dll, which is in \MinGW-64\bin. | |||||
2) Make sure that the sniffer configuration file is named | |||||
prescale.xml, and is in the current directory. A suitable | |||||
configuration file is ..\SNFMultiSDK_Windows_3.1\snf_engine.xml. | |||||
1) Enter :SNFMultiTest" at the command line. |
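Review bot: the heading "To build the import and export SNFMulti libraries for VS2008:" is left unchanged while the step under it names the VS2019 command prompt and buildVS2019SNFMultiImportLib.cmd; update the heading to VS2019 as the other README in this commit does. The final step also reads `1) Enter :SNFMultiTest"`, with a stray colon in place of the opening quote.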
del SNFMultiTest.exe | del SNFMultiTest.exe | ||||
set path=c:\MinGW-64\bin;%path% | |||||
set CXX=x86_64-pc-mingw32-c++ | |||||
REM set path=c:\MinGW-64\bin;%path% | |||||
REM set CXX=x86_64-pc-mingw32-c++ | |||||
REM set LIB=c:\MinGW-64\x86_64-pc-mingw32\lib64\libws2_32.a | |||||
set path=c:\Program Files\MinGW-W64\x86_64-8.1.0-posix-seh-rt_v6-rev0\mingw64\bin;%path% | |||||
set CXX=c++ | |||||
set LIB="c:\Program Files\MinGW-W64\x86_64-8.1.0-posix-seh-rt_v6-rev0\mingw64\x86_64-w64-mingw32\lib\libws2_32.a" | |||||
set CXXFLAGS=-I../include -I../SNFMulti -I../CodeDweller -I.. -mthreads | set CXXFLAGS=-I../include -I../SNFMulti -I../CodeDweller -I.. -mthreads | ||||
set LIB=c:\MinGW-64\x86_64-pc-mingw32\lib64\libws2_32.a | |||||
set LDFLAGS=-L. -lSNFMulti | set LDFLAGS=-L. -lSNFMulti | ||||
%CXX% ../SNFMultiTest/main.cpp ../CodeDweller/timing.cpp ../CodeDweller/threading.cpp %CXXFLAGS% -o SNFMultiTest.exe %LDFLAGS% | %CXX% ../SNFMultiTest/main.cpp ../CodeDweller/timing.cpp ../CodeDweller/threading.cpp %CXXFLAGS% -o SNFMultiTest.exe %LDFLAGS% |
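Review bot: CXXFLAGS is unchanged here and lacks the -static-libgcc -static-libstdc++ flags that the 32-bit SNFMultiTest build script carries, so the 64-bit SNFMultiTest.exe still needs the toolchain's runtime DLLs at run time; make the two scripts consistent or document the difference. LIB is also set but %LIB% never appears on the compile line.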
DEL vs2019_snfmulti.* | |||||
LIB /DEF:SNFMulti.def /OUT:vs2019_snfmulti.lib /MACHINE:X64 |
set DESTDIR=..\64bitDll | set DESTDIR=..\64bitDll | ||||
COPY snfmulti.dll %DESTDIR% | COPY snfmulti.dll %DESTDIR% | ||||
COPY snfmulti.def %DESTDIR% | COPY snfmulti.def %DESTDIR% | ||||
COPY vs2008_snfmulti.* %DESTDIR% | |||||
COPY vs2019_snfmulti.* %DESTDIR% |
<!-- SNFMulti V3.0 Configuration File, Setup: Typical of Win* Client / Server --> | |||||
<!-- http://www.armresearch.com/support/articles/software/snfServer/config/snfEngine.jsp --> | |||||
<snf> | |||||
<node identity='c:/SNF/identity.xml'> | |||||
<paths> | |||||
<log path='c:/SNF/'/> | |||||
<rulebase path='c:/SNF/'/> | |||||
<workspace path='c:/SNF/'/> | |||||
</paths> | |||||
<logs> | |||||
<rotation localtime='no'/> | |||||
<status> | |||||
<second log='yes' append='no'/> | |||||
<minute log='yes' append='no'/> | |||||
<hour log='no' append='no'/> | |||||
</status> | |||||
<scan> | |||||
<identifier force-message-id='no'/> | |||||
<classic mode='none' rotate='yes' matches='unique'/> | |||||
<xml mode='file' rotate='yes' matches='all' performance='yes' gbudb='yes'/> | |||||
<xheaders> | |||||
<output mode='none'/> | |||||
<version on-off='off'>X-MessageSniffer-Version</version> | |||||
<license on-off='off'>X-MessageSniffer-License</license> | |||||
<rulebase on-off='off'>X-MessageSniffer-RulebaseUTC</rulebase> | |||||
<identifier on-off='off'>X-MessageSniffer-Identifier</identifier> | |||||
<gbudb on-off='on'>X-GBUdb-Analysis</gbudb> | |||||
<result on-off='off'>X-MessageSniffer-Scan-Result</result> | |||||
<matches on-off='on'>X-MessageSniffer-Rules</matches> | |||||
<black on-off='off'>X-MessageSniffer-Spam: Yes</black> | |||||
<white on-off='off'>X-MessageSniffer-White: Yes</white> | |||||
<clean on-off='off'>X-MessageSniffer-Clean: Yes</clean> | |||||
<symbol on-off='off' n='0'>X-MessageSniffer-SNF-Group: OK</symbol> | |||||
<symbol on-off='off' n='20'>X-MessageSniffer-SNF-Group: Truncated</symbol> | |||||
<symbol on-off='off' n='40'>X-MessageSniffer-SNF-Group: Caution</symbol> | |||||
<symbol on-off='off' n='63'>X-MessageSniffer-SNF-Group: Black</symbol> | |||||
<symbol on-off='off' n='62'>X-MessageSniffer-SNF-Group: Obfuscation</symbol> | |||||
<symbol on-off='off' n='61'>X-MessageSniffer-SNF-Group: Abstract</symbol> | |||||
<symbol on-off='off' n='60'>X-MessageSniffer-SNF-Group: General</symbol> | |||||
<symbol on-off='off' n='59'>X-MessageSniffer-SNF-Group: Casinos-Gambling</symbol> | |||||
<symbol on-off='off' n='58'>X-MessageSniffer-SNF-Group: Debt-Credit</symbol> | |||||
<symbol on-off='off' n='57'>X-MessageSniffer-SNF-Group: Get-Rich</symbol> | |||||
<symbol on-off='off' n='56'>X-MessageSniffer-SNF-Group: Ink-Toner</symbol> | |||||
<symbol on-off='off' n='55'>X-MessageSniffer-SNF-Group: Malware</symbol> | |||||
<symbol on-off='off' n='54'>X-MessageSniffer-SNF-Group: Porn-Dating-Adult</symbol> | |||||
<symbol on-off='off' n='53'>X-MessageSniffer-SNF-Group: Scam-Phishing</symbol> | |||||
<symbol on-off='off' n='52'>X-MessageSniffer-SNF-Group: Snake-Oil</symbol> | |||||
<symbol on-off='off' n='51'>X-MessageSniffer-SNF-Group: Spamware</symbol> | |||||
<symbol on-off='off' n='50'>X-MessageSniffer-SNF-Group: Media-Theft</symbol> | |||||
<symbol on-off='off' n='49'>X-MessageSniffer-SNF-Group: AV-Push</symbol> | |||||
<symbol on-off='off' n='48'>X-MessageSniffer-SNF-Group: Insurance</symbol> | |||||
<symbol on-off='off' n='47'>X-MessageSniffer-SNF-Group: Travel</symbol> | |||||
</xheaders> | |||||
</scan> | |||||
</logs> | |||||
<network> | |||||
<sync secs='30' host='sync.messagesniffer.net' port='25'/> | |||||
<update-script on-off='on' call='c:/SNF/getRulebase.cmd' guard-time='180'/> | |||||
</network> | |||||
<xci on-off='on' port='9001'/> | |||||
<gbudb> | |||||
<database> | |||||
<condense minimum-seconds-between='600'> | |||||
<time-trigger on-off='on' seconds='86400'/> | |||||
<posts-trigger on-off='off' posts='1200000'/> | |||||
<records-trigger on-off='off' records='600000'/> | |||||
<size-trigger on-off='on' megabytes='150'/> | |||||
</condense> | |||||
<checkpoint on-off='on' secs='3600'/> | |||||
</database> | |||||
<regions> | |||||
<white on-off='on' symbol='0'> | |||||
<edge probability='-1.0' confidence='0.4'/> | |||||
<edge probability='-0.8' confidence='1.0'/> | |||||
<panic on-off='on' rule-range='1000'/> | |||||
</white> | |||||
<caution on-off='on' symbol='40'> | |||||
<edge probability='0.4' confidence='0.0'/> | |||||
<edge probability='0.8' confidence='0.5'/> | |||||
</caution> | |||||
<black on-off='on' symbol='63'> | |||||
<edge probability='0.8' confidence='0.2'/> | |||||
<edge probability='0.8' confidence='1.0'/> | |||||
<truncate on-off='on' probability='0.9' peek-one-in='5' symbol='20'/> | |||||
<sample on-off='on' probability='0.8' grab-one-in='5' passthrough='no' passthrough-symbol='0'/> | |||||
</black> | |||||
</regions> | |||||
<training on-off='on'> | |||||
<bypass> | |||||
<!-- <header name='To:' find='spam@example.com'/> --> | |||||
<!-- <header name='Received:' ordinal='1' find='friendlyhost.com'/> --> | |||||
</bypass> | |||||
<drilldown> | |||||
<!-- <received ordinal='0' find='[12.34.56.'/> where we want to ignore 12.34.56.0/24 --> | |||||
<!-- <received ordinal='0' find='mixed-source.com'/> --> | |||||
<!-- <received ordinal='1' find='mixed-source-internal.com'/> --> | |||||
</drilldown> | |||||
<source> | |||||
<!-- <header name='X-Use-This-Source:' received='mixedsource.com [' ordinal='0' /> --> | |||||
<!-- <header name='X-Originating-IP:' received='hotmail.com [' ordinal='0' /> --> | |||||
</source> | |||||
<white> | |||||
<result code='1'/> | |||||
<!-- <header name='Received:' ordinal='0' find='.friendlyhost.com'/> --> | |||||
</white> | |||||
</training> | |||||
</gbudb> | |||||
<rule-panics> | |||||
<!-- | |||||
<rule id='123456'/> | |||||
<rule id='123457'/> | |||||
--> | |||||
</rule-panics> | |||||
<platform/> | |||||
<msg-file type='rfc822'/> | |||||
</node> | |||||
</snf> | |||||
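Review bot: `<update-script on-off='on' call='c:/SNF/getRulebase.cmd' guard-time='180'/>` and `<xci on-off='on' port='9001'/>` are left enabled; if this is the prescale.xml that the READMEs tell SNFMultiTest to load from the current directory, a test run can call a script outside the source tree and open the XCI port. Consider on-off='off' for both in the checked-in file, and mention in the README that identity, log, rulebase and workspace all assume c:/SNF/ exists.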
Subproject commit c5aed611cba49fe73bd998ab426b07d70c4d9565 | |||||
Subproject commit baec2fef7d355ca2a72d90876c55ca833710b008 |
This is where the SNF SDK for Windows Package is kept. | This is where the SNF SDK for Windows Package is kept. | ||||
Copyright (c) 2009 - 2011 ARM Research Laboratories | |||||
Copyright (c) 2009 - 2020 ARM Research Laboratories | |||||
The 64-bit SNFMulti.dll file is built using MinGW-64, the 64-bit MinGW | The 64-bit SNFMulti.dll file is built using MinGW-64, the 64-bit MinGW | ||||
toolchain. The 32-bit SNFMulti.dll file is built using MinGW, the | toolchain. The 32-bit SNFMulti.dll file is built using MinGW, the |