[Bro] testing binpac generated parser
Bortoli, Tomas
tomas.bortoli at sit.fraunhofer.de
Wed May 17 07:39:15 PDT 2017
Hi all,
I am having troubles getting any sign of functioning from a simple parser defined in binpac.
I followed the tutorial at: https://github.com/grigorescu/binpac_quickstart
Then I wrote pretty simple headers definitions on my *-protocol.pac definition, then I added a print `std::cout << "Name PDU" << endl;` after the statement that generate the basic PDU event for the bro policy script engine in the *-analyzer.pac. I successfully compiled the parser definitions with binpac and then I recompiled bro (observing that the new parser is included in the compilation process.
But then when I run bro with a pcap file that contains a packet that should be parsed by the binpac generated code, I don't get any output and don't know how to troubleshoot it..
Any suggestion ?
thanks in advance,
Tomas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170517/84e6e7c7/attachment.html
More information about the Bro
mailing list