📄 create_oracle
字号:
-- Copyright (C) 2000 Carnegie Mellon University-- -- Author(s): Mike Andersen <mike@src.no>, <mike.andersen@proseq.net>,-- Thomas Stenhaug <thomas@src.no>, <thomas.stenhaug@proseq.net>-- -- Based on the create_mysql file from:-- Jed Pickel <jpickel@cert.org>, <jed@pickel.net>-- -- This program is free software; you can redistribute it and/or modify-- it under the terms of the GNU General Public License as published by-- the Free Software Foundation; either version 2 of the License, or-- (at your option) any later version.-- -- This program is distributed in the hope that it will be useful,-- but WITHOUT ANY WARRANTY; without even the implied warranty of-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the-- GNU General Public License for more details.-- -- You should have received a copy of the GNU General Public License-- along with this program; if not, write to the Free Software-- Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.-- Comments on the conversion:---- There's a trigger in place of the AUTO_INCREMENT-option for the -- sensor.sid. I don't fully understand how the NUMBER-type conversion-- works at this point. ---- Oracles DATE seems "bit" more picky on the format than MySQL.-- CREATE TABLE event ( sid INT NOT NULL, cid INT NOT NULL, signature VARCHAR2(255), timestamp VARCHAR2(24), PRIMARY KEY (sid, cid));---- store info about the sensor supplying data-- CREATE TABLE sensor ( sid INT NOT NULL, hostname VARCHAR2(100), interface VARCHAR2(100), filter VARCHAR2(100), detail INT, encoding INT, PRIMARY KEY (sid));---- auto-increment the sensor.sid-- CREATE SEQUENCE seq_snort_sensor_id START WITH 0 INCREMENT BY 1;CREATE TRIGGER tr_snort_sensor_id BEFORE INSERT ON sensor FOR EACH ROW BEGIN SELECT seq_snort_sensor_id.nextval INTO :new.SID FROM dual; END;/-- All of the fields of an ip headerCREATE TABLE iphdr ( sid INT NOT NULL, cid INT NOT NULL, ip_src INT NOT NULL, ip_src0 INT, ip_src1 INT, ip_src2 INT, ip_src3 INT, ip_dst INT NOT NULL, ip_dst0 INT, ip_dst1 INT, ip_dst2 INT, ip_dst3 INT, ip_ver INT, ip_hlen INT, ip_tos INT, ip_len INT, ip_id INT, ip_flags INT, ip_off INT, ip_ttl INT, ip_proto INT NOT NULL, ip_csum INT, PRIMARY KEY (sid,cid));-- All of the fields of a tcp headerCREATE TABLE tcphdr ( sid INT NOT NULL, cid INT NOT NULL, tcp_sport INT NOT NULL, tcp_dport INT NOT NULL, tcp_seq INT, tcp_ack INT, tcp_off INT, tcp_res INT, tcp_flags INT NOT NULL, tcp_win INT, tcp_csum INT, tcp_urp INT, PRIMARY KEY (sid,cid));-- All of the fields of a udp headerCREATE TABLE udphdr ( sid INT NOT NULL, cid INT NOT NULL, udp_sport INT NOT NULL, udp_dport INT NOT NULL, udp_len INT, udp_csum INT, PRIMARY KEY (sid,cid));-- All of the fields of an icmp headerCREATE TABLE icmphdr( sid INT NOT NULL, cid INT NOT NULL, icmp_type INT NOT NULL, icmp_code INT NOT NULL, icmp_csum INT, icmp_id INT, icmp_seq INT, PRIMARY KEY (sid,cid));-- Protocol optionsCREATE TABLE opt ( sid INT NOT NULL, cid INT NOT NULL, optid INT NOT NULL, opt_proto INT NOT NULL, opt_code INT NOT NULL, opt_len INT, opt_data LONG, PRIMARY KEY (sid,cid,optid)); -- Packet payloadCREATE TABLE data ( sid INT NOT NULL, cid INT NOT NULL, data_payload LONG, PRIMARY KEY (sid,cid)); -- encoding is a lookup table for storing encoding typesCREATE TABLE encoding ( encoding_type INT NOT NULL, encoding_text VARCHAR2(50) NOT NULL, PRIMARY KEY (encoding_type)); INSERT INTO encoding (encoding_type, encoding_text) VALUES (0, 'hex');INSERT INTO encoding (encoding_type, encoding_text) VALUES (1, 'base64');INSERT INTO encoding (encoding_type, encoding_text) VALUES (2, 'ascii');-- detail is a lookup table for storing different detail levelsCREATE TABLE detail ( detail_type INT NOT NULL, detail_text VARCHAR2(50) NOT NULL, PRIMARY KEY (detail_type)); INSERT INTO detail (detail_type, detail_text) VALUES (0, 'fast');INSERT INTO detail (detail_type, detail_text) VALUES (1, 'full');⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -