[Bro-Dev] [Bro] Best way to contribute to existing analyzer

Valerio valerio.click at gmx.com
Mon Jan 8 10:25:01 PST 2018


Hi,

after a few months I finally made to pack my contribution proposal as a
pull request available at

https://github.com/bro/bro/pull/121

The patch introduces new options types for DHCP protocol and extends
dhcp event including new parameters that I believe are useful in network
forensics analysis.

The options are the following:

55 Parameters Request List;
58 Renewal time;
59 Rebinding time;
61 Client Identifier;
82 Relay Agent Information.

while the following are the extended events:

dhcp_discover exports client identifier and parameters request list;
dhcp_request exports client_identifier and parameters request list;
dhcp_ack exports rebinding time, renewal time and list of suboptions
value of
dhcp relay agent information option;
dhcp_inform exports parameters request list.

Looking forward to receving feedbacks!

best,
Valerio

Il 14/06/2017 01:28, Robin Sommer ha scritto:
> 
> 
> On Wed, Jun 14, 2017 at 01:04 +0200, Valerio wrote:
> 
>> What would be the best procedure (and format) to submit such a patch?
> 
> Easiest is to prepare a pull request on GitHub. We have some
> guidelines here:
> https://www.bro.org/development/contribute.html#submitting-patches
> 
> Looking forward to your patches!
> 
> Robin
> 


More information about the bro-dev mailing list