-- Database: `snort`
--
-- --------------------------------------------------------
--
-- Table structure for table `data`
--
CREATE TABLE `data` (
  `sid` int(10) unsigned NOT NULL default '0',
  `cid` int(10) unsigned NOT NULL default '0',
  `data_payload` text collate cp1251_bin,
  PRIMARY KEY  (`sid`,`cid`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin;
-- --------------------------------------------------------
--
-- Table structure for table `detail`
--
CREATE TABLE `detail` (
  `detail_type` tinyint(3) unsigned NOT NULL default '0',
  `detail_text` text collate cp1251_bin NOT NULL,
  PRIMARY KEY  (`detail_type`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin;
-- --------------------------------------------------------
--
-- Table structure for table `encoding`
--
CREATE TABLE `encoding` (
  `encoding_type` tinyint(3) unsigned NOT NULL default '0',
  `encoding_text` text collate cp1251_bin NOT NULL,
  PRIMARY KEY  (`encoding_type`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin;
-- --------------------------------------------------------
--
-- Table structure for table `event`
--
CREATE TABLE `event` (
  `sid` int(10) unsigned NOT NULL default '0',
  `cid` int(10) unsigned NOT NULL default '0',
  `signature` int(10) unsigned NOT NULL default '0',
  `timestamp` datetime NOT NULL default '0000-00-00 00:00:00',
  PRIMARY KEY  (`sid`,`cid`),
  KEY `sig` (`signature`),
  KEY `time` (`timestamp`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin;
-- --------------------------------------------------------
--
-- Table structure for table `icmphdr`
--
CREATE TABLE `icmphdr` (
  `sid` int(10) unsigned NOT NULL default '0',
  `cid` int(10) unsigned NOT NULL default '0',
  `icmp_type` tinyint(3) unsigned NOT NULL default '0',
  `icmp_code` tinyint(3) unsigned NOT NULL default '0',
  `icmp_csum` smallint(5) unsigned default NULL,
  `icmp_id` smallint(5) unsigned default NULL,
  `icmp_seq` smallint(5) unsigned default NULL,
  PRIMARY KEY  (`sid`,`cid`),
  KEY `icmp_type` (`icmp_type`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin;
-- --------------------------------------------------------
--
-- Table structure for table `iphdr`
--
CREATE TABLE `iphdr` (
  `sid` int(10) unsigned NOT NULL default '0',
  `cid` int(10) unsigned NOT NULL default '0',
  `ip_src` int(10) unsigned NOT NULL default '0',
  `ip_dst` int(10) unsigned NOT NULL default '0',
  `ip_ver` tinyint(3) unsigned default NULL,
  `ip_hlen` tinyint(3) unsigned default NULL,
  `ip_tos` tinyint(3) unsigned default NULL,
  `ip_len` smallint(5) unsigned default NULL,
  `ip_id` smallint(5) unsigned default NULL,
  `ip_flags` tinyint(3) unsigned default NULL,
  `ip_off` smallint(5) unsigned default NULL,
  `ip_ttl` tinyint(3) unsigned default NULL,
  `ip_proto` tinyint(3) unsigned NOT NULL default '0',
  `ip_csum` smallint(5) unsigned default NULL,
  PRIMARY KEY  (`sid`,`cid`),
  KEY `ip_src` (`ip_src`),
  KEY `ip_dst` (`ip_dst`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin;
-- --------------------------------------------------------
--
-- Table structure for table `opt`
--
CREATE TABLE `opt` (
  `sid` int(10) unsigned NOT NULL default '0',
  `cid` int(10) unsigned NOT NULL default '0',
  `optid` int(10) unsigned NOT NULL default '0',
  `opt_proto` tinyint(3) unsigned NOT NULL default '0',
  `opt_code` tinyint(3) unsigned NOT NULL default '0',
  `opt_len` smallint(6) default NULL,
  `opt_data` text collate cp1251_bin,
  PRIMARY KEY  (`sid`,`cid`,`optid`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin;
-- --------------------------------------------------------
--
-- Table structure for table `reference`
--
CREATE TABLE `reference` (
  `ref_id` int(10) unsigned NOT NULL auto_increment,
  `ref_system_id` int(10) unsigned NOT NULL default '0',
  `ref_tag` text collate cp1251_bin NOT NULL,
  PRIMARY KEY  (`ref_id`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
--
-- Table structure for table `reference_system`
--
CREATE TABLE `reference_system` (
  `ref_system_id` int(10) unsigned NOT NULL auto_increment,
  `ref_system_name` varchar(20) collate cp1251_bin default NULL,
  PRIMARY KEY  (`ref_system_id`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
--
-- Table structure for table `schema`
--
CREATE TABLE `schema` (
  `vseq` int(10) unsigned NOT NULL default '0',
  `ctime` datetime NOT NULL default '0000-00-00 00:00:00',
  PRIMARY KEY  (`vseq`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin;
-- --------------------------------------------------------
--
-- Table structure for table `sensor`
--
CREATE TABLE `sensor` (
  `sid` int(10) unsigned NOT NULL auto_increment,
  `hostname` text collate cp1251_bin,
  `interface` text collate cp1251_bin,
  `filter` text collate cp1251_bin,
  `detail` tinyint(4) default NULL,
  `encoding` tinyint(4) default NULL,
  `last_cid` int(10) unsigned NOT NULL default '0',
  PRIMARY KEY  (`sid`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin AUTO_INCREMENT=5 ;
-- --------------------------------------------------------
--
-- Table structure for table `sig_class`
--
CREATE TABLE `sig_class` (
  `sig_class_id` int(10) unsigned NOT NULL auto_increment,
  `sig_class_name` varchar(60) collate cp1251_bin NOT NULL default '',
  PRIMARY KEY  (`sig_class_id`),
  KEY `sig_class_id` (`sig_class_id`),
  KEY `sig_class_name` (`sig_class_name`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
--
-- Table structure for table `sig_reference`
--
CREATE TABLE `sig_reference` (
  `sig_id` int(10) unsigned NOT NULL default '0',
  `ref_seq` int(10) unsigned NOT NULL default '0',
  `ref_id` int(10) unsigned NOT NULL default '0',
  PRIMARY KEY  (`sig_id`,`ref_seq`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin;
-- --------------------------------------------------------
--
-- Table structure for table `signature`
--
CREATE TABLE `signature` (
  `sig_id` int(10) unsigned NOT NULL auto_increment,
  `sig_name` varchar(255) collate cp1251_bin NOT NULL default '',
  `sig_class_id` int(10) unsigned NOT NULL default '0',
  `sig_priority` int(10) unsigned default NULL,
  `sig_rev` int(10) unsigned default NULL,
  `sig_sid` int(10) unsigned default NULL,
  PRIMARY KEY  (`sig_id`),
  KEY `sign_idx` (`sig_name`(20)),
  KEY `sig_class_id_idx` (`sig_class_id`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin AUTO_INCREMENT=1 ;
-- --------------------------------------------------------
--
-- Table structure for table `tcphdr`
--
CREATE TABLE `tcphdr` (
  `sid` int(10) unsigned NOT NULL default '0',
  `cid` int(10) unsigned NOT NULL default '0',
  `tcp_sport` smallint(5) unsigned NOT NULL default '0',
  `tcp_dport` smallint(5) unsigned NOT NULL default '0',
  `tcp_seq` int(10) unsigned default NULL,
  `tcp_ack` int(10) unsigned default NULL,
  `tcp_off` tinyint(3) unsigned default NULL,
  `tcp_res` tinyint(3) unsigned default NULL,
  `tcp_flags` tinyint(3) unsigned NOT NULL default '0',
  `tcp_win` smallint(5) unsigned default NULL,
  `tcp_csum` smallint(5) unsigned default NULL,
  `tcp_urp` smallint(5) unsigned default NULL,
  PRIMARY KEY  (`sid`,`cid`),
  KEY `tcp_sport` (`tcp_sport`),
  KEY `tcp_dport` (`tcp_dport`),
  KEY `tcp_flags` (`tcp_flags`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin;
-- --------------------------------------------------------
--
-- Table structure for table `udphdr`
--
CREATE TABLE `udphdr` (
  `sid` int(10) unsigned NOT NULL default '0',
  `cid` int(10) unsigned NOT NULL default '0',
  `udp_sport` smallint(5) unsigned NOT NULL default '0',
  `udp_dport` smallint(5) unsigned NOT NULL default '0',
  `udp_len` smallint(5) unsigned default NULL,
  `udp_csum` smallint(5) unsigned default NULL,
  PRIMARY KEY  (`sid`,`cid`),
  KEY `udp_sport` (`udp_sport`),
  KEY `udp_dport` (`udp_dport`)
) ENGINE=MyISAM DEFAULT CHARSET=cp1251 COLLATE=cp1251_bin;