[Bro-Dev] I am bit-wise logical operations in Bro script?

Vern Paxson vern at icir.org
Fri Dec 23 07:27:13 PST 2011


> In the DNP3 protocol analyzer that I am writing, I need to check some
> certain byte value (or even single bit) within the parsed field. It will be
> easy to do that if we have bitwise logical operator.

Note, the usual idiom for doing this sort of thing would be to have the
analyzer code (i.e., the C++/BinPAC that handles the parsing) break out
the fields and make them available directly to the scripting layer, such
as via a record.  Generally the only reason not to do that is if it would
be too messy.

		Vern


More information about the bro-dev mailing list