[Bro] signature match
Jai Prakash D R
jprakash at tataelxsi.co.in
Wed Nov 29 04:10:46 PST 2006
I am working with bro-0.9 signatuers. Please let me know where exactly the
packets is being compared against the all the available signatuers.
Once a signature is matched i want to get the rule->ID( ) of that signature.
When i am using the below piece of code from RuleMatcher.cc
Rule* r = Rule::rule_table[accepted[i] - 1];
fprintf(stderr, "%.06f Checking rule: %s\n",
the rule->id's of previously matched signatues are bing displayed.
please help me in this regard.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1720 bytes
Desc: not available
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20061129/300762f8/attachment.bin
More information about the Bro