[Bro] can't compile BRO policy
Paolo Tironi
paolo.tironi85 at gmail.com
Fri Jul 11 07:28:06 PDT 2008
Hi,
we are 3 students of University of Milan (DTI - Crema): Paolo Tironi, Paolo
Bettini and Matteo Morato.
We study for a project on Bro IDS.
We install BRO only running ./configure and make, and then we setted
$ pwd
/home/christian/devel/bro
$ echo $BROPATH
/home/christian/devel/bro/policy:/home/christian/devel/bro/policy/sigs
Next, we setted the BRO_DNS_FAKE environment variable.
Finally we runned BRO: $ ./src/bro -r trace1.tcpdump tcp scan alarm weird.
We have some problems:
bt bin # bro -r trace1.tcpdump tcp scan alarm weird dns
/usr/local/bro/policy/bro.init, line 1: warning: problem initializing
NB-DNS: connect(200.3.200.5): Network is unreachable
/usr/local/bro/policy/dns.bro, line 123: run-time error: error compiling
pattern /^?.*([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\.in-addr\.arpa)/
/usr/local/bro/policy/dns.bro, line 179: run-time error: error compiling
pattern /^?.*(\.)/
/usr/local/bro/policy/dns.bro, line 557: run-time error: error compiling
pattern /^?.*(\?(PTR|\*.*in-addr).*)/
/usr/local/bro/policy/dns.bro, line 571: run-time error: error compiling
pattern /^?.*(\?(PTR|\*.*in-addr).*)/
line 1: warning: event handlers never invoked:
line 1: warning: account_tried
Is there anybody who can help me?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20080711/5c85fcaa/attachment.html
More information about the Bro
mailing list