diff -ru barnyard-0.2.0/src/ProgVars.h barnyard-0.2.0-order_neutral/src/ProgVars.h
--- barnyard-0.2.0/src/ProgVars.h 2004-03-06 18:19:29.000000000 -0500
+++ barnyard-0.2.0-order_neutral/src/ProgVars.h 2006-07-20 21:39:26.000000000 -0400
@@ -61,6 +61,7 @@
 u_int8_t stop;
 u_int8_t exit;
 u_int8_t reload;
+ u_int8_t byteswap;
 } ProgVars;
diff -ru barnyard-0.2.0/src/barnyard.c barnyard-0.2.0-order_neutral/src/barnyard.c
--- barnyard-0.2.0/src/barnyard.c 2004-03-27 18:58:33.000000000 -0500
+++ barnyard-0.2.0-order_neutral/src/barnyard.c 2006-07-20 21:45:50.000000000 -0400
@@ -55,6 +55,8 @@
 CommandLineArgs *clargs = NULL;
 memset(&pv, 0, sizeof(ProgVars));
+ // set byteswap off
+ pv.byteswap = 0;
 ShowBanner();
diff -ru barnyard-0.2.0/src/barnyard.h barnyard-0.2.0-order_neutral/src/barnyard.h
--- barnyard-0.2.0/src/barnyard.h 2004-05-01 12:43:29.000000000 -0400
+++ barnyard-0.2.0-order_neutral/src/barnyard.h 2006-07-20 20:30:11.000000000 -0400
@@ -43,4 +43,11 @@
 void CleanRestart();
 int BarnyardSleep(unsigned int);
+#define swaps(A) ((((u_int16_t)(A) & 0xff00) >> 8) | \
+ (((u_int16_t)(A) & 0x00ff) << 8))
+#define swapl(A) ((((u_int32_t)(A) & 0xff000000) >> 24) | \
+ (((u_int32_t)(A) & 0x00ff0000) >> 8) | \
+ (((u_int32_t)(A) & 0x0000ff00) << 8) | \
+ (((u_int32_t)(A) & 0x000000ff) << 24))
+
 #endif /* __BARNYARD_H__ */
diff -ru barnyard-0.2.0/src/input-plugins/dp_alert.c barnyard-0.2.0-order_neutral/src/input-plugins/dp_alert.c
--- barnyard-0.2.0/src/input-plugins/dp_alert.c 2004-02-19 20:59:48.000000000 -0500
+++ barnyard-0.2.0-order_neutral/src/input-plugins/dp_alert.c 2006-07-20 22:43:11.000000000 -0400
@@ -161,6 +161,7 @@
 int AlertDpReadRecord(SpoolFileHandle *sph)
 {
 ssize_t bytes_read;
+ UnifiedAlertRecord *record;
 if(!sph) return -1; /* Invalid args */
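Review bot: The new `byteswap` member of ProgVars carries no comment, so a reader of the header cannot tell what non-zero means or who sets it; in this diff the only writer is the magic probe in spool.c and the readers are the input plugins. Suggest `u_int8_t byteswap; /* non-zero: spool-file byte order differs from the host; set when the magic matches only after swapl() (spool.c) */`. The enclosing ProgVars struct starts outside the hunk.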
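Review bot: `pv.byteswap = 0;` directly after `memset(&pv, 0, sizeof(ProgVars));` is redundant — the memset already zeroes every member of `pv`, and the comment `// set byteswap off` restates what the memset does. Either drop both added lines, or, if the intent is to document the default, replace them with a comment on the memset such as `/* zeroes every flag, byteswap included; spool.c sets it per file */`. The enclosing function starts outside the hunk.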
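Review bot: `swapl(A)` expands `(A)` four times and `swaps(A)` twice, so an argument with side effects or an expensive expression would be evaluated repeatedly; every caller in this diff passes a plain lvalue, so nothing breaks today, but the hazard is latent and the lowercase function-like names hide that these are macros. If the build's dialect accepts `static inline` (C99 or the GNU extension), functions give single evaluation, a definite result width, and a natural place for the contract comment that the macros lack — in particular that, unlike `ntohs`/`ntohl`, they swap unconditionally. The header's include guard closes at the `#endif` shown, so the definitions can sit where the macros are now.
```c
/* Unconditional byte-order reversal for 16- and 32-bit spool-file fields.
 * Unlike ntohs()/ntohl() these always swap; callers decide whether the
 * file's order differs from the host's. Functions rather than macros so
 * the argument is evaluated once and the result has a definite width. */
static inline u_int16_t swaps(u_int16_t a)
{
    return (u_int16_t)((a >> 8) | (a << 8));
}

static inline u_int32_t swapl(u_int32_t a)
{
    return ((a & 0xff000000) >> 24) | ((a & 0x00ff0000) >> 8) |
           ((a & 0x0000ff00) << 8)  | ((a & 0x000000ff) << 24);
}
```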
@@ -186,6 +187,27 @@
 return N_READ_PARTIAL;
 }
+ // convert byte order if needed
+ if ( pv.byteswap )
+ {
+ record = (UnifiedAlertRecord *)buffer;
+ record->event.sig_generator = swapl(record->event.sig_generator);
+ record->event.sig_id = swapl(record->event.sig_id);
+ record->event.sig_rev = swapl(record->event.sig_rev);
+ record->event.classification = swapl(record->event.classification);
+ record->event.priority = swapl(record->event.priority);
+ record->event.event_id = swapl(record->event.event_id);
+ record->event.event_reference = swapl(record->event.event_reference);
+ record->ts.tv_sec = swapl(record->ts.tv_sec);
+ record->ts.tv_usec = swapl(record->ts.tv_usec);
+ record->sip = swapl(record->sip);
+ record->dip = swapl(record->dip);
+ record->sp = swaps(record->sp);
+ record->dp = swaps(record->dp);
+ record->protocol = swapl(record->protocol);
+ record->flags = swapl(record->flags);
+ }
+
 sph->offset = 0;
 sph->record.data = buffer;
 sph->record.dynamic = 0;
diff -ru barnyard-0.2.0/src/input-plugins/dp_log.c barnyard-0.2.0-order_neutral/src/input-plugins/dp_log.c
--- barnyard-0.2.0/src/input-plugins/dp_log.c 2004-04-03 14:57:32.000000000 -0500
+++ barnyard-0.2.0-order_neutral/src/input-plugins/dp_log.c 2006-07-20 22:25:46.000000000 -0400
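Review bot: The alert swap block reverses seven `record->event.*` fields but not `record->event.ref_time`, whereas the matching block in dp_log.c (hunk `@@ -192,6 +192,25 @@`) also swaps `unified_log.event.ref_time.tv_sec` and `.tv_usec`; if `UnifiedAlertRecord.event` is the same event type dp_log.c uses, the alert path leaves `ref_time` in file byte order. If so, add `record->event.ref_time.tv_sec = swapl(record->event.ref_time.tv_sec);` and `record->event.ref_time.tv_usec = swapl(record->event.ref_time.tv_usec);` after the `event_reference` line. Separately, `swapl` truncates its argument to 32 bits, so if `record->ts` is a native `struct timeval` rather than fixed 32-bit fields the swap is wrong on hosts with a 64-bit `time_t` — confirm against the record definition, which is not in the hunk. AlertDpReadRecord starts outside the hunk.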
@@ -192,6 +192,25 @@
 return N_READ_PARTIAL;
 }
+ // swap the byte order if needed
+ if ( pv.byteswap )
+ {
+ unified_log.event.sig_generator = swapl(unified_log.event.sig_generator);
+ unified_log.event.sig_id = swapl(unified_log.event.sig_id);
+ unified_log.event.sig_rev = swapl(unified_log.event.sig_rev);
+ unified_log.event.classification = swapl(unified_log.event.classification);
+ unified_log.event.priority = swapl(unified_log.event.priority);
+ unified_log.event.event_id = swapl(unified_log.event.event_id);
+ unified_log.event.event_reference = swapl(unified_log.event.event_reference);
+ unified_log.event.ref_time.tv_sec = swapl(unified_log.event.ref_time.tv_sec);
+ unified_log.event.ref_time.tv_usec = swapl(unified_log.event.ref_time.tv_usec);
+ unified_log.flags = swapl(unified_log.flags);
+ unified_log.pkth.ts.tv_sec = swapl(unified_log.pkth.ts.tv_sec);
+ unified_log.pkth.ts.tv_usec = swapl(unified_log.pkth.ts.tv_usec);
+ unified_log.pkth.pktlen = swapl(unified_log.pkth.pktlen);
+ unified_log.pkth.caplen = swapl(unified_log.pkth.caplen);
+ }
+
 /* Extract packet length */
 packet_len = unified_log.pkth.caplen;
 if(packet_len >= 0x1ffff)
@@ -245,6 +264,7 @@
 int LogDpProcessRecord(void *data, DpFunctionalNode *dp)
 {
+
 if(data == NULL)
 {
 #ifdef DEBUG
diff -ru barnyard-0.2.0/src/input-plugins/dp_stream_stat.c barnyard-0.2.0-order_neutral/src/input-plugins/dp_stream_stat.c
--- barnyard-0.2.0/src/input-plugins/dp_stream_stat.c 2004-02-19 20:59:48.000000000 -0500
+++ barnyard-0.2.0-order_neutral/src/input-plugins/dp_stream_stat.c 2006-07-20 22:06:08.000000000 -0400
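Review bot: The nine `unified_log.event.*` swaps here repeat the per-field list in dp_alert.c (hunk `@@ -186,6 +187,27 @@`) by hand, and the two lists have already drifted — dp_alert.c does not swap `ref_time`; a single `static` helper that takes a pointer to the event sub-struct and swaps all of its fields, called from both readers, would keep them in step and give the field list one home. As in dp_alert.c, the `ref_time` and `pkth.ts` swaps assume 32-bit `tv_sec`/`tv_usec`; if those are native `struct timeval` members, `swapl` truncates them on hosts with a 64-bit `time_t` — confirm against the header. The block is correctly placed before `if(packet_len >= 0x1ffff)`, so the bound is checked against the host-order `caplen`. The enclosing function starts outside the hunk.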
@@ -109,7 +109,7 @@
 /* validate the header */
 #ifdef DEBUG
 printf("Opened StreamStat File \"%s\", header:\n", sph->filepath);
- printf(" Magic = 0x%X\n", file_header.magic);
+ // printf(" Magic = 0x%X\n", file_header.magic);
 printf(" Version.major = %d\n", file_header.version_major);
 printf(" Version.minor = %d\n", file_header.version_minor);
 printf(" timezone = %d\n", file_header.timezone);
diff -ru barnyard-0.2.0/src/output-plugins/op_decode.c barnyard-0.2.0-order_neutral/src/output-plugins/op_decode.c
--- barnyard-0.2.0/src/output-plugins/op_decode.c 2004-04-03 14:57:32.000000000 -0500
+++ barnyard-0.2.0-order_neutral/src/output-plugins/op_decode.c 2006-07-20 18:16:42.000000000 -0400
@@ -24,7 +24,7 @@
 #include "barnyard.h"
 #include "input-plugins/dp_log.h"
-int DecodePacket(Packet *p, SnortPktHeader *pkthdr, uint8_t *pkt)
+int DecodePacket(Packet *p, SnortPktHeader *pkthdr, u_int8_t *pkt)
 {
 switch(linktype)
 {
diff -ru barnyard-0.2.0/src/spool.c barnyard-0.2.0-order_neutral/src/spool.c
--- barnyard-0.2.0/src/spool.c 2004-03-06 19:35:19.000000000 -0500
+++ barnyard-0.2.0-order_neutral/src/spool.c 2006-07-20 22:04:32.000000000 -0400
@@ -26,6 +26,7 @@
 #include "input-plugins/dp_plugbase.h"
 #include "spool.h"
 #include "util.h"
+#include
 /* Local functions ************************************************/
@@ -247,10 +248,20 @@
 /* Based on magic, lookup the DpFunctionalNode */
 if(!(sph->dpfn = LookupFunctions(sph->magic)))
 {
- FatalError("ERROR: No input plugin found for magic: %.8x\n",
+ LogMessage("Bad Magic 0x%.8x. Swapping byte order and trying again\n",
 sph->magic);
+ if ( ! ( sph->dpfn = LookupFunctions(swapl(sph->magic)) ) )
+ {
+ // nothing worked. time to bail completely
+ FatalError("ERROR: No input plugin found for magic: %.8x\n",
+ sph->magic);
+ } else {
+ LogMessage("Byte order needs to be swapped.\n");
+ pv.byteswap = 1;
+ }
+ } else {
+ pv.byteswap = 0;
 }
-
 return 0;
 }
Only in barnyard-0.2.0: stamp-h.in
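Review bot: The `Magic` printf is commented out rather than removed, and no reason is recorded, so the dead line will linger in the DEBUG block with no way to tell whether it was wrong or merely noisy. If it was silenced because `%X` mismatched the type of `file_header.magic` (not visible here), keep the line with an explicit cast, `printf(" Magic = 0x%X\n", (unsigned int)file_header.magic);`; if the output is simply unwanted, delete the line outright. The enclosing function starts and ends outside the hunk.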
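Review bot: The byte-order decision is a property of one spool file — it is derived from `sph->magic` and selects `sph->dpfn` — but the result is stored in the process-wide `pv.byteswap`, so the flag describes whichever file was opened last rather than the handle the readers in dp_alert.c and dp_log.c are given. Keeping it on the handle, `sph->byteswap = 1;` / `sph->byteswap = 0;` with a matching field added to SpoolFileHandle, ties the flag to the file it was probed from; if only one spool file is ever open at a time this is latent rather than live, but it is cheap to close now. Also, `if ( ! ( sph->dpfn = LookupFunctions(swapl(sph->magic)) ) )` is spaced unlike the enclosing `if(!(sph->dpfn = LookupFunctions(sph->magic)))` two lines above; match the file's style. The enclosing function starts outside the hunk.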