[Bro] Offline trace: segmentation fault

Vern Paxson vern at icir.org
Thu May 29 19:37:57 PDT 2008

(1) Can you read the trace successfully using tcpdump?

(2) If so, what's the shortest subset of it that causes Bro to crash?
    You can generate short subsets using tcpdump -c <pkt-cnt> to extract
    just the first <pkt-cnt> packets.

(3) (And if you can't read it with tcpdump, then the problem is elsewhere ...)


