[Bro-Dev] [JIRA] (BIT-1407) -f silently fails if base/frameworks/packet-filter isn't loaded
Robin Sommer
robin at icir.org
Mon Jun 1 08:10:39 PDT 2015
On Sat, May 30, 2015 at 15:31 -0500, you wrote:
> Jira, I couldn't find the thread). But to revisit: the "-f filter"
> option silently does nothing if base/frameworks/packet-filter isn't
> loaded (so the scenario here is using -b to suppress its automatic
> loading). This can lead to seriously confusing behavior.
Yeah, I can see that. I think the main problem is the interaction
between the command-line option and script, something that's rare
(i.e., that the command-line option is tight that closely to a script
being loaded). I would actually suggest we remove the command-line
option altogether and instead work with a global: "bro -i eth0
PacketFilter::filter=XXXX" (I believe we have a global with that
effect already, otherwise we could add it).
Robin
More information about the bro-dev
mailing list