about packet's load
Wang Shaofu
wsffree at hotmail.com
Tue Dec 24 05:07:45 PST 2002
Two hour to the great moment!
Best wish!
>Ah - the term you're looking for is "payload". You can get this using
>the "packet_contents" event handler, or using the new signature engine
>(for which Robin Sommer has contributed a new chapter for the Bro
>manual, which will be included in the next development release).
void FragReassembler::AddFragment(const struct ip* ip, const u_char* pkt,
uint32 frag_field)
{
......
// Remove header.
pkt += hdr_len;
len -= hdr_len;
+ printf("%s,/n",(char *) pkt);//change
NewBlock(network_time, offset, len, pkt);
}
I make the aboving change to print the payload of telnet , but it does not
work!
Ciao
Cloud
_________________________________________________________________
与联机的朋友进行交流,请使用 MSN Messenger: http://messenger.msn.com/cn
More information about the Bro
mailing list