[Bro-Dev] #509: SMTP rework
Bro Tracker
bro at tracker.bro-ids.org
Fri Jul 29 13:04:44 PDT 2011
#509: SMTP rework
---------------------+------------------------
Reporter: seth | Owner: jsiwek
Type: Task | Status: assigned
Priority: Normal | Milestone: Bro1.6
Component: Bro | Version: git/master
Resolution: | Keywords: preview
---------------------+------------------------
Comment (by jsiwek):
In [17d74c23dbb60bcf2917d3f1b8ce2d8dc46adbd2/bro]:
{{{
#!CommitTicketReference repository="bro"
revision="17d74c23dbb60bcf2917d3f1b8ce2d8dc46adbd2"
SMTP script refactor. (addresses #509)
- message header state tracking is now done by handling mime_one_header
instead of parsing the data in the smtp_data event
- changed the logging point to be when an smtp_reply is seen in response
to the end of a DATA section
- the smtp package now uses it's own mime script and logging stream for
logging entities, extraction, etc.
- fixes for mime file extraction: now logs the extracted file name, and
the count of extracted files needed to be maintained in the State record
}}}
--
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/509#comment:2>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker
More information about the bro-dev
mailing list