[Bro] BinPAC analyzer name
Dane Wullen
brot212 at googlemail.com
Mon Nov 28 15:11:00 PST 2016
Hey,
thanks for your reply.
"Don't work" means that it doesn't raise any event nor executes the
(C++) code in the analyser.pac file. It's like it can't read the traffic
or something.
Like I said, when I name it Test or PROTO-AMS or something like that, it
works fine.
Dane
Am 29.11.2016 um 00:05 schrieb Johanna Amann:
> By don't work - do you mean that it doesn't compile? Or does it not get
> any traffic? Or does it not raise events?
>
> Johanna
>
> On Mon, Nov 07, 2016 at 11:56:01PM +0100, Dane Wullen wrote:
>> Hi there,
>>
>> I wrote a new analyzer with BinPAC for a protocol named 'AMS'.
>> Somehow when I create the analyzer via the binpac python script and name
>> the analyzer 'AMS' or 'ams', the analyzer won't work. When I name it
>> 'TEST' or 'test', it works fine (same protocol specification, C++ Code,
>> etc.)
>>
>> Is there a name convention for new analyzer? Or does anyone know, why
>> BinPAC/Bro won't accept the name 'ams'?
>>
>> Thank you!
>>
>> _______________________________________________
>> Bro mailing list
>> bro at bro-ids.org
>> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>>
More information about the Bro
mailing list