[Bro-Dev] [JIRA] (BIT-1365) direction field of SSH::Info no longer populated
Jon Siwek (JIRA)
jira at bro-tracker.atlassian.net
Wed Apr 1 08:07:00 PDT 2015
Jon Siwek created BIT-1365:
------------------------------
Summary: direction field of SSH::Info no longer populated
Key: BIT-1365
URL: https://bro-tracker.atlassian.net/browse/BIT-1365
Project: Bro Issue Tracker
Issue Type: Problem
Components: Bro
Affects Versions: git/master
Reporter: Jon Siwek
Fix For: 2.4
Here's the bug report:
{quote}
Reporter::ERROR field value missing
[SSH::c$ssh$direction] /usr/local/bro/share/bro/policy/protocols/ssh/geo-da
ta.bro, line 29
Reporter::WARNING non-void function returns without a value:
SSH::get_location (empty)
Tracing this back, it looks like the SSH::c$ssh$direction is not being
populated. I checked the /base/protocols/ssh/main.bro file and it looks
like the function is missing.
Looking at https://www.bro.org/sphinx/_downloads/main32.bro and
https://github.com/bro/bro/blob/master/scripts/base/protocols/ssh/main.bro
it looks like the function that determined the direction was removed at
one point, which looks like it causes the
/usr/local/bro/share/bro/policy/protocols/ssh/geo-data.bro script to fail
{quote}
--
This message was sent by Atlassian JIRA
(v6.4-OD-16-006#64014)
More information about the bro-dev
mailing list