[Bro] testing binpac generated parser
tomas.bortoli at sit.fraunhofer.de
Wed May 17 07:39:15 PDT 2017
I am having troubles getting any sign of functioning from a simple parser defined in binpac.
I followed the tutorial at: https://github.com/grigorescu/binpac_quickstart
Then I wrote pretty simple headers definitions on my *-protocol.pac definition, then I added a print `std::cout << "Name PDU" << endl;` after the statement that generate the basic PDU event for the bro policy script engine in the *-analyzer.pac. I successfully compiled the parser definitions with binpac and then I recompiled bro (observing that the new parser is included in the compilation process.
But then when I run bro with a pcap file that contains a packet that should be parsed by the binpac generated code, I don't get any output and don't know how to troubleshoot it..
Any suggestion ?
thanks in advance,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro