[Bro] How to manage a dynamic vector

Vito Logrillo vitologrillo at gmail.com
Mon Dec 22 03:46:26 PST 2014

i have some problems with a code like this:

------- code.bro -----

type known_services_buffer: record {
    host: addr;
    port_num: port;
    port_proto: transport_proto;
    service: set[string];

type known_services_buffer_vec: vector of known_services_buffer;
global known_services_buf_vec = known_services_buffer_vec();
global count_a: int = 0;

event Known::log_known_services(rec: Known::ServicesInfo) &priority=5
        ...do something.....
        known_services_buf_vec[count_a]$host = rec$host;
        known_services_buf_vec[count_a]$port_num = rec$port_num;
        known_services_buf_vec[count_a]$port_proto = rec$port_proto;
        known_services_buf_vec[count_a]$service = rec$service;
        count_a = count_a + 1;

event Conn::log_conn(rec: Conn::Info)
    print (count_a);
    for (idx in known_services_buf_vec)
           ...do something....

------ code.bro -------

My variable count_a is incremented each time the event
Known::log_known_services is executed, but the last "for" in
Conn::log_conn is never executed because known_services_buf_vec is
always a void vector.
What's wrong? Any suggestion?

More information about the Bro mailing list