[Bro] ssh alternative ports
Robin Gruyters
r.gruyters at snow.nl
Tue Nov 11 00:21:58 PST 2008
Hell all,
I'm trying to add an alternative port for ssh in my policy file, but somehow it
doesn't work. I get the following error message:
bro at nsm$ bro -r test.lpc tcp weird alarm ssh test print-filter
./test.bro, line 12 (ssh_ports): error, "redef" used but not previously defined
bro at nsm$
When I check the ssh.bro policy I can see that it is possible to redefine the
ssh_ports:
[ssh.bro]
..
global ssh_ports = { 22/tcp, } &redef;
..
[/ssh.bro]
Below is my test policy file:
[test.bro]
@load site
redef local_nets: set[subnet] = {
10.1.1.0/24,
};
redef capture_filters += {
["ssh-alt"] = "tcp port 2122",
};
redef ssh_ports += {
2122/tcp,
};
[/test.bro]
I have tried to add the module name, but no luck.
bro at nsm$ bro -r test.lpc tcp weird alarm ssh test print-filter
./test.bro, line 12 (SSH::ssh_ports): error, "redef" used but not previously
defined
bro at nsm$
With kind regards,
Robin Gruyters
More information about the Bro
mailing list