文章目錄
- 參考
- 0.開胃菜
- 1. 預處理器回顧
- 2. README.PLUGINS
- 3. spp_template.c
- 4. spp_template.h
- 5. 預處理器的Hello World
- 5.1 複製模板
- 5.2 包含新文件
- 5.3 修改spp_helloworld.h
- 5.4 修改spp_helloworld.c
- 5.4.1 空函數 HelloWorldReloadFunction
- 5.4.2 聲明 HelloWorldInit
- 5.4.3 函數 主配置函數 SetupHelloWorld
- 5.4.4 函數 HelloWorldMain
- 5.4.5 函數 HelloWorldInit
- 5.5 修改preprocids.h
- 5.6 MakeFile.am
- 5.7 snort.conf
- 5.8 automake && make && make install
- 5.9 啓動snort
- 6. 完整的 spp_helloworld.c
參考
Snort預處理插件HelloWorld程序開發
Snort預處理器介紹(詳細)
本專欄所有相關博文使用的snort版本均爲 2.9.15.1
0.開胃菜
C語言工程結構
C語言的頭文件和宏定義詳解
被Java和Python慣壞的我,看到這麼大的C工程就頭大了
所以特意先學了一下C工程的組織結構。
1. 預處理器回顧
- 預處理器在Snort應用規則前處理接收到的數據
- 預處理器對每一個數據包只執行一次
- 被捕獲的數據包首先經過預處理器,然後經過探測引擎根據規則處理。
- 輸入插件和預處理器是同一概念
- 當Snort接收到數據包的時候,主探測引擎並不能對它們進行處理和應用規則,比如,數據包有可能是分片的,需要重新組裝,預處理器就是做這樣的工作,使數據能夠被探測引擎處理,另外,一些預處理器還可以做一些其它工作,比如探測包中的一些明顯錯誤。
- 你可以編寫自己的預處理器,察看Snort源代碼doc目錄中的README.PLUGINS文件,你可以獲得相關的資料,也可以在templates目錄中查看源代碼示例。
2. README.PLUGINS
Plugin Info
12/5/99
Martin Roesch
Overview:
Snort version 1.5 introduces a major new concept, plugins. There are two types
of plugin currently available in Snort: detection plugins and preprocessors.
Detection plugins check a single aspect of a packet for a value defined within
a rule and determine if the packet data meets their acceptance criteria. For
example, the tcp flags detection plugin checks the flags section of TCP packets
for matches with flag combinations defined in a particular rule. Detection
plugins may be called multiple times per packet with different arguments.
Preprocessors are only called a single time per packet and may perform highly
complex functions like TCP stream reassembly, IP defragmentation, or HTTP
request normalization. They can directly manipulate packet data and even call
the detection engine directly with their modified data. They can perform less
complex tasks like statistics gathering or threshold monitoring as well.
Adding New Plugins to Snort as a User:
Right now, adding a new plugin to Snort is straightforward but requires you to
edit two files by hand. The plugin should consist of two files,
"sp_something.c"/"sp_something.h" for detection plugins, and
"spp_something.c"/"spp_something.h" for preprocessors. For detection plugins,
there are two steps to integrating it with Snort:
1) Edit plugbase.h and insert the line
#include "sp_something.h"
into the file with the other "#include" statements. Save and close the
file.
2) Edit the plugbase.c file and in the InitPlugins() function, add the name of
the setup function to the list with the other Setup functions. Save and
close the file.
3) Edit the Makefile.am and add the names of the two files to the list of
names on the "snort_SOURCES" line. Save and exit the file. Run
"automake".
Someday, there will be a nice little program that will do all this work for you!
Writing New Snort Plugins as a Developer:
This process is also pretty straight forward, and the best place to look for
information on doing these things is at the files in the "templates" directory.
The sp_* files are setup for detection plugins, and the spp_* files refer to
the preprocessor files. The main thing to remember once you've got it written
is to put the proper includes and function calls into plugbase[.c|.h]. I
should probably flesh out this document more, but I think that the best info
is in the template files. If you have any questions or comments, don't
hesitate to send me an e-mail!
機翻來自百度
插件信息
1999年5月12日
馬丁·羅斯奇
概述:
Snort版本1.5引入了一個重要的新概念,即插件。有兩種類型
Snort中當前可用插件的數量:檢測插件和預處理器。
檢測插件檢查數據包的一個方面是否有在
一種規則,用於確定包數據是否滿足其接受標準。爲了
例如,tcp標誌檢測插件檢查tcp數據包的標誌部分
用於與特定規則中定義的標誌組合匹配。檢測
每個包可以使用不同的參數多次調用插件。
預處理器在每個包中只調用一次,並且可以執行很高的性能
複雜功能,如TCP流重組、IP碎片整理或HTTP
請求規範化。它們可以直接操作包數據,甚至調用
檢測引擎直接用他們修改過的數據。他們能做的更少
複雜的任務,例如統計數據收集或閾值監視。
以用戶身份向Snort添加新插件:
現在,向Snort添加一個新插件很簡單,但是需要您
手工編輯兩個文件。插件應該由兩個文件組成,
“sp_something.c”或“sp_something.h”用於檢測插件,以及
“spp_something.c”或“spp_something.h”表示預處理器。對於檢測插件,
將它與Snort集成有兩個步驟:
1) 編輯plugbase.h並插入行
#包括“sp_something.h”
與其他“#include”語句一起放入文件。保存並關閉
文件。
2) 編輯plugbase.c文件,在InitPlugins()函數中,添加
列表中的設置函數和其他設置函數。保存和
關閉文件。
3) 編輯Makefile.am並將兩個文件的名稱添加到
“snort_SOURCES”行中的名稱。保存並退出文件。跑步
“汽車製造”。
總有一天,會有一個很好的小程序來幫你完成所有的工作!
作爲開發人員編寫新的Snort插件:
這個過程也是非常直接的,而且是最好的地方
有關執行這些操作的信息位於“templates”目錄中的文件中。
sp U*文件是爲檢測插件設置的,spp U*文件是指
預處理器文件。一旦你寫好了,最重要的是要記住
是將適當的include和函數調用放入plugbase[.c |.h]。我
也許應該更詳細地說明這個文件,但是我認爲最好的信息
在模板文件中。如果你有任何問題或意見,不要
不好意思給我發電子郵件!
3. spp_template.c
/* $Id$ */
/* Snort Preprocessor Plugin Source File Template */
/* spp_template
*
* Purpose:
*
* Preprocessors perform some function *once* for *each* packet. This is
* different from detection plugins, which are accessed depending on the
* standard rules. When adding a plugin to the system, be sure to
* add the "Setup" function to the InitPreprocessors() function call in
* plugbase.c!
* 注意:上面是Snort源文件中spp_template.c (預處理器模板)中的註釋,
* 這個註釋沒有及時更新
* 原文中的InitPreprocessors( ) 函數已經被替換成了 RegistPreprocessors( )
*
* Arguments:
*
* This is the list of arguments that the plugin can take at the
* "preprocessor" line in the rules file
*
* Effect:
*
* What the preprocessor does. Check out some of the default ones
* (e.g. spp_frag2) for a good example of this description.
*
* Comments:
*
* Any comments?
*
*/
#include <sys/types.h>
#include <stdlib.h>
#include <ctype.h>
#include <rpc/types.h>
/*
* If you're going to issue any alerts from this preproc you
* should include generators.h and event_wrapper.h
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include "generators.h"
#include "event_wrapper.h"
#include "util.h"
#include "plugbase.h"
#include "parser.h"
/*
* put in other inculdes as necessary
*/
/*
* your preprocessor header file goes here if necessary, don't forget
* to include the header file in plugbase.h too!
*/
#include "spp_template.h"
/*
* define any needed data structs for things like configuration
*/
typedef struct _TemplateData
{
/* Your struct members here */
} TemplateData;
/*
* If you need to instantiate the preprocessor's
* data structure, do it here
*/
TemplateData SomeData;
/*
* function prototypes go here
*/
static void TemplateInit(u_char *);
static void ParseTemplateArgs(char *);
static void PreprocFunction(Packet *);
static void PreprocCleanExitFunction(int, void *);
static void PreprocRestartFunction(int, void *);
/*
* Function: SetupTemplate()
*
* Purpose: Registers the preprocessor keyword and initialization
* function into the preprocessor list. This is the function that
* gets called from InitPreprocessors() in plugbase.c.
*
* Arguments: None.
*
* Returns: void function
*
*/
void SetupTemplate()
{
/*
* link the preprocessor keyword to the init function in
* the preproc list
*/
RegisterPreprocessor("keyword", TemplateInit);
DebugMessage(DEBUG_PLUGIN,"Preprocessor: Template is setup...\n");
}
/*
* Function: TemplateInit(u_char *)
*
* Purpose: Calls the argument parsing function, performs final setup on data
* structs, links the preproc function into the function list.
*
* Arguments: args => ptr to argument string
*
* Returns: void function
*
*/
static void TemplateInit(u_char *args)
{
DebugMessage(DEBUG_PLUGIN,"Preprocessor: Template Initialized\n");
/*
* parse the argument list from the rules file
*/
ParseTemplateArgs(args);
/*
* perform any other initialization functions that are required here
*/
/*
* Set the preprocessor function into the function list
*/
AddFuncToPreprocList(PreprocFunction);
AddFuncToCleanExitList(PreprocCleanExitFunction, NULL);
AddFuncToRestartList(PreprocRestartFunction, NULL);
}
/*
* Function: ParseTemplateArgs(char *)
*
* Purpose: Process the preprocessor arguments from the rules file and
* initialize the preprocessor's data struct. This function doesn't
* have to exist if it makes sense to parse the args in the init
* function.
*
* Arguments: args => argument list
*
* Returns: void function
*
*/
static void ParseTemplateArgs(char *args)
{
/* your parsing function goes here, check out the other spp files
for examples */
}
/*
* Function: PreprocFunction(Packet *)
*
* Purpose: Perform the preprocessor's intended function. This can be
* simple (statistics collection) or complex (IP defragmentation)
* as you like. Try not to destroy the performance of the whole
* system by trying to do too much....
*
* Arguments: p => pointer to the current packet data struct
*
* Returns: void function
*
*/
static void PreprocFunction(Packet *p)
{
/* your preproc function goes here.... */
/*
* if you need to issue an alert from your preprocessor, check out
* event_wrapper.h, there are some useful helper functions there
*/
}
/*
* Function: PreprocCleanExitFunction(int, void *)
*
* Purpose: This function gets called when Snort is exiting, if there's
* any cleanup that needs to be performed (e.g. closing files)
* it should be done here.
*
* Arguments: signal => the code of the signal that was issued to Snort
* data => any arguments or data structs linked to this
* functioin when it was registered, may be
* needed to properly exit
*
* Returns: void function
*/
static void PreprocCleanExitFunction(int signal, void *data)
{
/* clean exit code goes here */
}
/*
* Function: PreprocRestartFunction(int, void *)
*
* Purpose: This function gets called when Snort is restarting on a SIGHUP,
* if there's any initialization or cleanup that needs to happen
* it should be done here.
*
* Arguments: signal => the code of the signal that was issued to Snort
* data => any arguments or data structs linked to this
* functioin when it was registered, may be
* needed to properly exit
*
* Returns: void function
*/
static void PreprocRestartFunction(int signal, void *foo)
{
/* restart code goes here */
}
4. spp_template.h
/* $Id$ */
/* Snort Preprocessor Plugin Header File Template */
/* This file gets included in plugbase.h when it is integrated into the rest
* of the program.
*/
#ifndef __SPP_TEMPLATE_H__
#define __SPP_TEMPLATE_H__
/*
* list of function prototypes to export for this preprocessor
*/
void SetupTemplate();
#endif /* __SPP_TEMPLATE_H__ */
5. 預處理器的Hello World
5.1 複製模板
進入snort-2.9.15.1/
cp templates/spp_template.h src/preprocessors/spp_helloworld.h
cp templates/spp_template.c src/preprocessors/spp_helloworld.c
5.2 包含新文件
vim src/plugbase.c
在64行,插入
#include "preprocessors/spp_helloworld.h"
703行插入
SetupHelloWorld();
稍後會在spp_helloworld.c編寫這個函數並在spp_helloworld.h中聲明
保存退出
5.3 修改spp_helloworld.h
vim src/preprocessors/spp_helloworld.h
把 #ifndef改掉
13行聲明上文修改的那個函數
void SetupHelloWorld();
保存退出
5.4 修改spp_helloworld.c
我這個寫的挺醜的,應該把聲明放一塊,函數放一塊…下次一定改
先總體看一下,此文件應有如下幾個函數及其聲明,從上到下:
- 空函數:HelloWorldReloadFunction。snort reload時調用的函數,可不寫函數體
- 聲明:HelloWorldInit
- 函數:SetupHelloWorld。主程序啓動,運行plugbase.c時,調用此函數。此函數內調用RegisterPreprocessor進行預處理器註冊,以及調用HelloWorldInit進行預處理器的初始化
- 函數:HelloWorldMain。預處理器的主函數,即每收到一個符合條件的包都會調用此函數
- 函數:HelloWorldInit。預處理器的初始化函數,此函數內調用AddFuncToPreprocList,將預處理器的主函數(功能函數)HelloWorldMain添加到對應鏈表中。在新版snort中,需要有一句session_api->enable_preproc_all_ports(sc,PP_HELLOWORLD_RT, 0x01);
否則預處理器主函數不能正常工作。
vim src/preprocessors/spp_helloworld.c
58行,修改爲
#include "spp_helloworld.h"
然後加上
#include "session_api.h"
#include "decode.h"
// 添加函數到預處理器鏈表時用的
#define PROTO_MASK 0x0001
5.4.1 空函數 HelloWorldReloadFunction
// 重加載的函數,可不寫函數體
void HelloWorldReloadFunction(){}
5.4.2 聲明 HelloWorldInit
// 聲明
static void HelloWorldInit();
5.4.3 函數 主配置函數 SetupHelloWorld
修改函數SetupTemplate()爲SetupHelloWorld()
// 主配置函數
void SetupHelloWorld()
{
/*
* link the preprocessor keyword to the init function in
* the preproc list
*/
// RegisterPreprocessor("keyword", TemplateInit);
// DebugMessage(DEBUG_PLUGIN,"Preprocessor: Template is setup...\n");
#ifndef SNORT_RELOAD
// 預處理器名稱, 用於初始化預處理器的函數
RegisterPreprocessor("HelloWorld", HelloWorldInit);
printf("*wuming-register* HelloWorld start\n");
#else
// ReloadFunction可以暫時不寫
RegisterPreprocessor("HelloWorld", HelloWorldInit, HelloWorldReloadFunction,NULL,NULL, NULL);
printf("*wuming-register* HelloWorld reload\n");
#endif
printf("*wuming-setup done*\n");
DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN,"Preprocessor: HelloSnort is setup...\n"););
}
5.4.4 函數 HelloWorldMain
200行左右
修改
static void PreprocFunction(Packet *p)
// 實際執行的主函數
static void HelloWorldMain(Packet *p){
printf("*wuming-main* Hello World's main function***************************\n");
}
5.4.5 函數 HelloWorldInit
修改 TemplateInit()如下
static void HelloWorldInit(struct _SnortConfig *sc,u_char *args)
{
// DebugMessage(DEBUG_PLUGIN,"Preprocessor: Template Initialized\n");
/*
* parse the argument list from the rules file
*/
// ParseTemplateArgs(args);
/*
* perform any other initialization functions that are required here
*/
/*
* Set the preprocessor function into the function list
*/
DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN,"Preprocessor: HelloSnortInit Initialized\n"););
// printf("HelloSnortInit ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^is setup");
// 參數分別爲:結構體指針 預處理器實際執行的函數 處理器優先級 預定義常數 自定義解碼類型標誌
AddFuncToPreprocList(sc, HelloWorldMain, 0x01, PP_HELLOWORLD_RT, PROTO_MASK);
session_api->enable_preproc_all_ports(sc,PP_HELLOWORLD_RT, 0x01);
printf("*wuming-init done*\n");
// 不需要總結輸出的話這行可以刪掉
// 預處理器名稱,
//RegisterPreprocStats("HelloWorld", ProfinetPrintStats);
// AddFuncToCleanExitList(PreprocCleanExitFunction, NULL);
// AddFuncToRestartList(PreprocRestartFunction, NULL);
}
保存退出
5.5 修改preprocids.h
spp_helloworld.c中預定義常數PP_HELLOWORLD_RT需要添加到 src/preprocids.h
vim src/preprocids.h
增加一行,然後PP_MAX增加1
5.6 MakeFile.am
vim src/preprocessors/Makefile.am
把預處理器的兩個文件添加到libspp_a_SOURCES
5.7 snort.conf
vim your_path/snort.conf
270行附近 step5,添加5.4中定義的預處理器名稱HelloWorld
5.8 automake && make && make install
以上更改全部保存後
回到snort-2.9.15.1目錄下
執行
automake && make && make install
沒有報錯的話就可以啓動了,有報錯的話就回去DEBUG
一定要注意對應的函數名、常量名是否正確,否則會出現各種奇怪的BUG
5.9 啓動snort
我使用-A參數直接打印到控制檯
snort -A console -i ens33 -c your_path/snort.conf
啓動截圖
下面是對ICMP包調用預處理器主函數的截圖(需要自己寫規則)
主函數只有一行輸出做測試用
到此爲止一個預處理器的HelloWorld就成功了。
想說的是像我這種C語言菜雞,開始看了好幾個教程和文檔,跟着別人亂敲,最後函數命名混亂,導致一直報錯,卡了蠻長時間。
然後痛定思痛,研讀了snort的源碼分析,真正把插件部分整個的工作流程(註冊、初始化、調用)弄懂了,這才又上手重構,終於成功。
無論你在做什麼,你總得明白自己在做什麼。
後續博客爲
snort:預處理器開發實戰
6. 完整的 spp_helloworld.c
再次說明一下,寫的很醜,其實原來的模板中都有註釋的,最好還是按對應的位置來寫。
/* $Id$ */
/* Snort Preprocessor Plugin Source File Template */
/* spp_template
*
* Purpose:
*
* Preprocessors perform some function *once* for *each* packet. This is
* different from detection plugins, which are accessed depending on the
* standard rules. When adding a plugin to the system, be sure to
* add the "Setup" function to the InitPreprocessors() function call in
* plugbase.c!
*
* Arguments:
*
* This is the list of arguments that the plugin can take at the
* "preprocessor" line in the rules file
*
* Effect:
*
* What the preprocessor does. Check out some of the default ones
* (e.g. spp_frag2) for a good example of this description.
*
* Comments:
*
* Any comments?
*
*/
#include <sys/types.h>
#include <stdlib.h>
#include <ctype.h>
#include <rpc/types.h>
/*
* If you're going to issue any alerts from this preproc you
* should include generators.h and event_wrapper.h
*/
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif
#include "generators.h"
#include "event_wrapper.h"
#include "util.h"
#include "plugbase.h"
#include "parser.h"
#include "session_api.h"
#include "decode.h"
/*
* put in other inculdes as necessary
*/
/*
* your preprocessor header file goes here if necessary, don't forget
* to include the header file in plugbase.h too!
*/
#include "spp_helloworld.h"
// 添加函數到預處理器鏈表時用的
#define PROTO_MASK 0x0001
/*
* define any needed data structs for things like configuration
*/
typedef struct _TemplateData
{
/* Your struct members here */
} TemplateData;
/*
* If you need to instantiate the preprocessor's
* data structure, do it here
*/
TemplateData SomeData;
/*
* function prototypes go here
*/
static void TemplateInit(u_char *);
static void ParseTemplateArgs(char *);
static void PreprocFunction(Packet *);
static void PreprocCleanExitFunction(int, void *);
static void PreprocRestartFunction(int, void *);
/*
* Function: SetupTemplate()
*
* Purpose: Registers the preprocessor keyword and initialization
* function into the preprocessor list. This is the function that
* gets called from InitPreprocessors() in plugbase.c.
*
* Arguments: None.
*
* Returns: void function
*
*/
// 重加載的函數,可不寫
void HelloWorldReloadFunction(){}
// 聲明
static void HelloWorldInit();
// 此函數用於調用下面的初始化函數 HelloWorldRTInit()
void SetupHelloWorld()
{
/*
* link the preprocessor keyword to the init function in
* the preproc list
*/
// RegisterPreprocessor("keyword", TemplateInit);
// DebugMessage(DEBUG_PLUGIN,"Preprocessor: Template is setup...\n");
#ifndef SNORT_RELOAD
// 預處理器名稱, 初始化預處理器的函數
RegisterPreprocessor("HelloWorld", HelloWorldInit);
printf("*wuming-register* HelloWorld start\n");
#else
// ReloadFunction可以暫時不寫
RegisterPreprocessor("HelloWorld", HelloWorldInit, HelloWorldReloadFunction,NULL,NULL, NULL);
printf("*wuming-register* HelloWorld reload\n");
#endif
printf("*wuming-setup done*\n");
DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN,"Preprocessor: HelloSnort is setup...\n"););
}
// 實際執行的主函數
static void HelloWorldMain(Packet *p){
printf("*wuming-main* Hello World's main function***************************\n");
}
/*
* Function: TemplateInit(u_char *)
*
* Purpose: Calls the argument parsing function, performs final setup on data
* structs, links the preproc function into the function list.
*
* Arguments: args => ptr to argument string
*
* Returns: void function
*
*/
// 初始化預處理器
static void HelloWorldInit(struct _SnortConfig *sc,u_char *args)
{
// DebugMessage(DEBUG_PLUGIN,"Preprocessor: Template Initialized\n");
/*
* parse the argument list from the rules file
*/
// ParseTemplateArgs(args);
/*
* perform any other initialization functions that are required here
*/
/*
* Set the preprocessor function into the function list
*/
DEBUG_WRAP(DebugMessage(DEBUG_PLUGIN,"Preprocessor: HelloSnortInit Initialized\n"););
// 參數分別爲:結構體指針 預處理器實際執行的函數 處理器優先級 預定義常數 自定義解碼類型標誌
AddFuncToPreprocList(sc, HelloWorldMain, 0x01, PP_HELLOWORLD_RT, PROTO_MASK);
session_api->enable_preproc_all_ports(sc,PP_HELLOWORLD_RT, 0x01);
printf("*wuming-init done*\n");
// 不需要總結輸出的話這行可以刪掉
// 預處理器名稱,
//RegisterPreprocStats("HelloWorld", ProfinetPrintStats);
// session_api->enable_preproc_all_ports(sc, PP_HELLOWORLD_RT, PROTO_BIT_IP);
// AddFuncToCleanExitList(PreprocCleanExitFunction, NULL);
// AddFuncToRestartList(PreprocRestartFunction, NULL);
}
/*
* Function: ParseTemplateArgs(char *)
*
* Purpose: Process the preprocessor arguments from the rules file and
* initialize the preprocessor's data struct. This function doesn't
* have to exist if it makes sense to parse the args in the init
* function.
*
* Arguments: args => argument list
*
* Returns: void function
*
*/
static void ParseTemplateArgs(char *args)
{
/* your parsing function goes here, check out the other spp files
for examples */
}
/*
* Function: PreprocFunction(Packet *)
*
* Purpose: Perform the preprocessor's intended function. This can be
* simple (statistics collection) or complex (IP defragmentation)
* as you like. Try not to destroy the performance of the whole
* system by trying to do too much....
*
* Arguments: p => pointer to the current packet data struct
*
* Returns: void function
*
*/
static void PreprocFunction(Packet *p)
{
/* your preproc function goes here.... */
/*
* if you need to issue an alert from your preprocessor, check out
* event_wrapper.h, there are some useful helper functions there
*/
}
/*
* Function: PreprocCleanExitFunction(int, void *)
*
* Purpose: This function gets called when Snort is exiting, if there's
* any cleanup that needs to be performed (e.g. closing files)
* it should be done here.
*
* Arguments: signal => the code of the signal that was issued to Snort
* data => any arguments or data structs linked to this
* functioin when it was registered, may be
* needed to properly exit
*
* Returns: void function
*/
static void PreprocCleanExitFunction(int signal, void *data)
{
/* clean exit code goes here */
}
/*
* Function: PreprocRestartFunction(int, void *)
*
* Purpose: This function gets called when Snort is restarting on a SIGHUP,
* if there's any initialization or cleanup that needs to happen
* it should be done here.
*
* Arguments: signal => the code of the signal that was issued to Snort
* data => any arguments or data structs linked to this
* functioin when it was registered, may be
* needed to properly exit
*
* Returns: void function
*/
static void PreprocRestartFunction(int signal, void *foo)
{
/* restart code goes here */
}