[Bro-Dev] [JIRA] (BIT-903) -b turns off -f
Seth Hall (JIRA)
jira at bro-tracker.atlassian.net
Thu Nov 7 13:30:31 PST 2013
[ https://bro-tracker.atlassian.net/browse/BIT-903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Seth Hall updated BIT-903:
--------------------------
Attachment: signature.asc
If we could check command line arguments in Bro scripts we could implement that functionality. ;)
> -b turns off -f
> ---------------
>
> Key: BIT-903
> URL: https://bro-tracker.atlassian.net/browse/BIT-903
> Project: Bro Issue Tracker
> Issue Type: Problem
> Components: Bro
> Affects Versions: git/master
> Reporter: Vern Paxson
> Fix For: 2.3
>
> Attachments: signature.asc, single-tcp-conn-est.trace
>
>
> Running with \-b (bare bones) disables processing by \-f. Boy did this take me a long time to figure out :-(.
> Reproduce using the appended trace. Invoking with *-e 'event connection_established(c:connection) \{ print "yep"; }*' will print "yep". Invoking with that plus *-f 'not tcp*' won't print anything. But invoking with *-f 'not tcp' \-b* _does_ print "yep".
--
This message was sent by Atlassian JIRA
(v6.2-OD-01#6204)
More information about the bro-dev
mailing list