[Zeek] Hui Lin_DNP3 analyzer not working in current version of zeek
Hui Lin (Hugo)
hlin33 at illinois.edu
Sun Jun 16 15:15:06 PDT 2019
Hi
It seemed that the DNP3 analyzer is not working properly in the current
version of zeek. I have a pcap file containing around 400 DNP3 read
requests and responses. I have included a print message in both
"dnp3_application_request_header" and "dnp3_application_response_header"
event handlers, but only two messages are print out for the request
packets. Actually for the same pcap, in a version that I git last year, bro
works fine by printing all messages. Any idea what happens? If needed, I
can provide the pcap for the testing.
Thank you and best regards,
Hui Lin
--
Hui Lin
Ph.D. Candidate (http://hlin33.web.engr.illinois.edu/)
DEPEND (http://depend.csl.illinois.edu/)
ECE, Uni. of Illinois at Urbana-Champaign
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20190616/2a0e5610/attachment.html
More information about the Zeek
mailing list