[Bro-Dev] #861: Merging DNP3 Analyzer
Bro Tracker
bro at tracker.bro-ids.org
Wed Aug 29 17:48:40 PDT 2012
#861: Merging DNP3 Analyzer
----------------------------+------------------------
Reporter: hui | Owner:
Type: Merge Request | Status: new
Priority: Normal | Milestone: Bro2.2
Component: Bro | Version: git/master
Resolution: | Keywords: dnp3
----------------------------+------------------------
Comment (by robin):
I've merged this with master into the temporary branch
{{{topic/topic/robin/dnp3-merge}}}.
Hui, a number of points/questions:
- I've added a set of {{{TODO-Hui}}} throughout the new code. Please take
a look and address (just grep for it).
- I moved the global variables in {{{DNP3.cc}}} into the analyzer class.
I'm actually surprised that this has ever worked: it looks like you kept
state across flows with a single variable; am I missing something?
- Please take a look at the new test
{{{scripts.base.protocols.dnp3.events}}} and check the output if it
matches with what you would expect.
- Which of the many events did you have data for to test with? I've added
the DNP3 traces from Dina, they trigger 11 of the 51 events. Do we have
more we can add to the test suite?
- Please document the events in {{{src/events.bif}}}, similar to how other
events are documented.
- Does DNP3 have cases similar to Modbus where it would make sense to pass
arrays of integers (or other elements)? If so, that would be good to do
(but I don't know the protocol enough to say more).
--
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/861#comment:3>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker