[Bro] udp_request and icmp_sent event handlers

bchen at cs.ucf.edu bchen at cs.ucf.edu
Sun May 8 20:12:56 PDT 2005


Hi Vern,
    Thank you for your help. Yes, it works after I redef the capture_filters.
How about the icmp_sent event handler? Should the icmp_sent event handler see
all kinds of icmp packets?

Bing

>
> udp.bro doesn't turn on a capture-all-UDP filter.  So try adding
>
> 	redef capture_filters += { ["all udp"] = "udp" };
>
> - Vern
>





More information about the Bro mailing list