[Bro] Enabling Router blocks

Vern Paxson vern at icir.org
Fri Jun 24 00:13:02 PDT 2005


Ah - I see the problem.  I misinterpreted:

> >> However, when I start bro I get error: can't open drop.

to mean it was coming from the shell.  But it's coming from Bro.  There
isn't any policy script called drop.bro, so it's telling you that "@load
drop" failed.

You turn on address dropping by

	@load scan
	redef can_drop_connectivity = T;

and redefining "drop_connectivity_script" (which it sounds like you've
already done).

		Vern



More information about the Bro mailing list