[Bro] BinPAC and custom types
Stuart H
stu.h at live.com
Wed Apr 25 09:44:46 PDT 2018
Hi,
I’m making some good progress writing an analyser with BinPAC, only small issue is that I can’t find a way to get custom Bro script types to be parsed on initiation of Bro. I’ve tried adding a types.bif file and defining the type there but can only seem to do a simple definition such as:
type <module>::<custom type>: record;
rather than the full definition:
type <module>::<custom type>: record {
bool_var1: bool;
bool_var2: bool;
int_var: int;
};
I have to add the above type manually to the generated Bro_<module>.events.bif.bro file or the core init-bare.bro file.
I’ve had a search around, but all references are to add it to the init-bare.bro file. Changing one of the core files doesn’t seem to fit with the plugin style of development.
Is there any way to add a type without doing it manually or tainting init-bare.bro?
Thanks,
Stu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20180425/77a40963/attachment.html
More information about the Bro
mailing list