[Bro] Startup cleanup

James Lay jlay at slave-tothe-box.net
Thu Aug 24 08:56:04 PDT 2017 

So here's my startup line and standard output

sudo /usr/local/bro/bin/bro -C -i eth0 -i eth1 --filter 'not ((host 
x.x.x.x and net 192.168.1.0/24) and (tcp port <snip> or tcp port <snip> 
)) and not ip6' local "Site::local_nets += { x.x.x.x/32,192.168.1.0/24 
}"
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/__load__.bro, line 
1: Discarded extraneous Broxygen comment: check link in mail_links
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/__load__.bro, line 
1: Discarded extraneous Broxygen comment: for
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/__load__.bro, line 
1: Discarded extraneous Broxygen comment:  print fmt ("log_mine 
Log_mime: %s", rec);
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/__load__.bro, line 
1: Discarded extraneous Broxygen comment: aashish: need to port to file 
analysis framework
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/./conn-established.bro, 
line 1: Discarded extraneous Broxygen comment: check link in mail_links
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/./conn-established.bro, 
line 1: Discarded extraneous Broxygen comment: for
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/./conn-established.bro, 
line 1: Discarded extraneous Broxygen comment:        print fmt 
("log_mine Log_mime: %s", rec);
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/./conn-established.bro, 
line 1: Discarded extraneous Broxygen comment: aashish: need to port to 
file analysis framework
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/./conn-established.bro, 
line 1: Discarded extraneous Broxygen comment: check link in mail_links
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/./conn-established.bro, 
line 1: Discarded extraneous Broxygen comment: for
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/./conn-established.bro, 
line 1: Discarded extraneous Broxygen comment:        print fmt 
("log_mine Log_mime: %s", rec);
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/./conn-established.bro, 
line 1: Discarded extraneous Broxygen comment: aashish: need to port to 
file analysis framework
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/././where-locations.bro, 
line 1: Discarded extraneous Broxygen comment: check link in mail_links
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/././where-locations.bro, 
line 1: Discarded extraneous Broxygen comment: for
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/././where-locations.bro, 
line 1: Discarded extraneous Broxygen comment:       print fmt 
("log_mine Log_mime: %s", rec);
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/././where-locations.bro, 
line 1: Discarded extraneous Broxygen comment: aashish: need to port to 
file analysis framework
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/././where-locations.bro, 
line 1: Discarded extraneous Broxygen comment: check link in mail_links
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/././where-locations.bro, 
line 1: Discarded extraneous Broxygen comment: for
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/././where-locations.bro, 
line 1: Discarded extraneous Broxygen comment:       print fmt 
("log_mine Log_mime: %s", rec);
internal warning in 
/usr/local/bro/share/bro/policy/frameworks/intel/seen/././where-locations.bro, 
line 1: Discarded extraneous Broxygen comment: aashish: need to port to 
file analysis framework
<params>, line 1: listening on eth0

<params>, line 1: listening on eth1

1503589314.254774 error in <params>, line 1: Bad IP address: 5
1503589314.254774 error in <params>, line 1: Bad IP address: 6
1503589314.254774 error in <params>, line 1: Bad IP address: 1

Anything I need to be concerned about here?  Thank you.

James

More information about the Bro mailing list