[Bro-Dev] [JIRA] (BIT-1407) -f silently fails if base/frameworks/packet-filter isn't loaded
Robin Sommer (JIRA)
jira at bro-tracker.atlassian.net
Mon Jun 1 08:12:01 PDT 2015
[ https://bro-tracker.atlassian.net/browse/BIT-1407?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=20900#comment-20900 ]
Robin Sommer commented on BIT-1407:
-----------------------------------
Yeah, I can see that. I think the main problem is the interaction
between the command-line option and script, something that's rare
(i.e., that the command-line option is tight that closely to a script
being loaded). I would actually suggest we remove the command-line
option altogether and instead work with a global: "bro -i eth0
PacketFilter::filter=XXXX" (I believe we have a global with that
effect already, otherwise we could add it).
Robin
> -f silently fails if base/frameworks/packet-filter isn't loaded
> ---------------------------------------------------------------
>
> Key: BIT-1407
> URL: https://bro-tracker.atlassian.net/browse/BIT-1407
> Project: Bro Issue Tracker
> Issue Type: Problem
> Components: Bro
> Reporter: Vern Paxson
>
> I know we've been through this before (though searching the tickets in Jira, I couldn't find the thread). But to revisit: the "-f filter" option silently does nothing if base/frameworks/packet-filter isn't loaded (so the scenario here is using -b to suppress its automatic loading). This can lead to seriously confusing behavior. It would be preferable if there's either an error message indicating that the option won't be supported, or if it forced loading of packet-filter.
--
This message was sent by Atlassian JIRA
(v6.5-OD-05-041#65001)
More information about the bro-dev
mailing list