[Bro] Integrating WiFi Analyzer within Bro

Johanna Amann johanna at icir.org
Fri Mar 25 09:48:45 PDT 2016


Hello Pratik,

I think the answer stays the same - if I understand things correctly, 
you have to implement IEEE 802.15.4, which is a lower level protocol, 
which currently cannot be implemented with just BinPAC and needs core 
changes (probably in src/iosource/Packet.cc and others). There are 
currently no examples for that, besides the existing code.

Johanna

On 25 Mar 2016, at 9:40, pratik inamdar wrote:

> Hi Vlad,
>
> Hope you are doing good!
>
> I chose to switch the protocol. So now I am writing an analyzer for 
> 6LoWPAN
> instead of WiFi.
>
> Quick question:
>
> Will I be able to successfully use BinPac to write an analyzer for 
> 6LoWPAN?
>
> Also, if possible, please guide me with some key points to remember 
> while
> writing analyzer for 6LoWPAN.
>
> Your help will be greatly appreciated!
>
> Thanks,
> Pratik Inamdar
>
> On Mon, Mar 21, 2016 at 8:28 AM, Vlad Grigorescu <vladg at illinois.edu> 
> wrote:
>
>> Unfortunately, there is no way to implement lower level protocols 
>> with
>> BinPAC quickstart right now. Similary, we don't have any examples of 
>> a
>> BinPAC lower-level analyzer if you were to do it manually.
>>
>> If you are able to get it working, I'd certainly be interested in how
>> you did it, and would look at adding it to binpac_quickstart.
>>
>>   --Vlad
>>
>> pratik inamdar <pratikinamdar at gmail.com> writes:
>>
>>> [ text/plain ]
>>> Hi,
>>>
>>> In my project, I am integrating a WiFi protocol analyzer with bro to
>> parse
>>> and monitor WiFi packets header information.
>>>
>>> I am using BinPac to generate template for the WiFi protocol 
>>> analyzer in
>>> the src/analyzer/protocol directory.
>>>
>>> As per my knowledge WiFi(802.11) is not a TCP type of protocol. So I 
>>> wish
>>> to know what should I use instead of the option "--tcp" while using 
>>> the
>>> command:
>>>
>>> python start.py WiFi "WiFi Protocol" ../bro --tcp
>>>
>>> Any help will be really appreciated!
>>>
>>> --
>>>
>>> Thanks & Regards.
>>>
>>> Pratik Inamdar
>>> [ text/plain ]
>>> _______________________________________________
>>> Bro mailing list
>>> bro at bro-ids.org
>>> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>>
>
>
>
> -- 
>
> Thanks & Regards.
>
> Pratik Inamdar
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro


More information about the Bro mailing list