[Bro] Construction of connection
Sandro Reichert
sanreich at gmx.de
Sat Aug 11 08:32:38 PDT 2007
Hi,
> i would make a connection of protocol TCP, can you give me a
> documentation or an URL who explain why make this,
do you like to create an inter-bro connection between two bro nodes
alice and bob? A short documentation can be found in chapter 3.5:
http://www.icir.org/christian/broccoli/manual/c85.html
For testing cleartext communication between the two nodes, you can use
something like following lines.
site/bob.bro:
@load listen-clear
redef Remote::destinations += {
["alice"] = [$host = 192.168.0.10, $events = /.*/, $connect=T, $ssl=F]
};
site/alice.bro:
@load listen-clear
redef Remote::destinations += {
["bob"] = [$host = 192.168.0.11, $events = /.*/, $connect=F, $ssl=F]
};
To specify, which events you like to register for, use $events = pattern
where pattern is a regular-expression pattern. The syntax is the same
as for the flex version of the lex utility:
http://www.bro-ids.org/wiki/index.php/Reference_Manual:_Values%2C_Types%2C_and_Constants#Patterns
I hope this is what you asked for!
Bye, sandro
More information about the Bro
mailing list