[Bro-Dev] [JIRA] (BIT-1407) -f silently fails if base/frameworks/packet-filter isn't loaded
Vern Paxson (JIRA)
jira at bro-tracker.atlassian.net
Mon Jun 1 11:34:01 PDT 2015
[ https://bro-tracker.atlassian.net/browse/BIT-1407?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=20903#comment-20903 ]
Vern Paxson commented on BIT-1407:
----------------------------------
While there's an appeal to processing arguments in script-land, because some arguments control basic script processing (e.g., -p), I'm not sure this can be done in a coherent fashion without some significant under-the-hood kludges.
Regarding replacing -f with PacketFilter::filter=XXXX, yuck - I wouldn't want to have to remember that, and there's no ready way for a user to discover this.
I'd be happy settling for -f warning (or exiting) with a statement that without the packet filtering framework loaded, it's a no-op. Though I have a forboding that you're going to tell me that that's actually hard to implement :-P.
> -f silently fails if base/frameworks/packet-filter isn't loaded
> ---------------------------------------------------------------
>
> Key: BIT-1407
> URL: https://bro-tracker.atlassian.net/browse/BIT-1407
> Project: Bro Issue Tracker
> Issue Type: Problem
> Components: Bro
> Reporter: Vern Paxson
> Attachments: signature.asc
>
>
> I know we've been through this before (though searching the tickets in Jira, I couldn't find the thread). But to revisit: the "-f filter" option silently does nothing if base/frameworks/packet-filter isn't loaded (so the scenario here is using -b to suppress its automatic loading). This can lead to seriously confusing behavior. It would be preferable if there's either an error message indicating that the option won't be supported, or if it forced loading of packet-filter.
--
This message was sent by Atlassian JIRA
(v6.5-OD-05-041#65001)
More information about the bro-dev
mailing list