base/misc/find-filtered-trace.bro

FilteredTraceDetection

Discovers trace files that contain TCP traffic consisting only of control packets (e.g. a trace that has been filtered to contain only SYN/FIN/RST packets and no content). When such a trace is found, a warning is emitted suggesting that the user toggle the detect_filtered_trace option if they do not want Bro to report missing TCP segments.

Namespace: FilteredTraceDetection
Source File: /scripts/base/misc/find-filtered-trace.bro

Summary

State Variables

FilteredTraceDetection::enable: bool &redef
    Flag to enable filtered trace file detection and warning message.

Detailed Interface

State Variables

FilteredTraceDetection::enable
Type: bool
Attributes: &redef
Default: T

Flag to enable filtered trace file detection and warning message.
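An offline pre-check for the condition this script warns about (a trace whose TCP packets carry no content), written as an added Python example; it is not Bro's implementation or code from the Bro project. It assumes a classic pcap file with Ethernet framing and IPv4, and the function names and sample packets are constructed for illustration.

```python
import struct

def tcp_payload_len(frame):
    """TCP payload length of an Ethernet/IPv4/TCP frame, or None if not TCP."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None                                   # not IPv4 over Ethernet
    ihl = (frame[14] & 0x0F) * 4
    frag_off = struct.unpack("!H", frame[20:22])[0] & 0x1FFF
    if frame[23] != 6 or frag_off or len(frame) < 14 + ihl + 13:
        return None                                   # not TCP, later fragment, or cut short
    total_len = struct.unpack("!H", frame[16:18])[0]  # IP header value, unaffected by snaplen
    data_off = (frame[14 + ihl + 12] >> 4) * 4
    return max(total_len - ihl - data_off, 0)

def looks_filtered(pcap):
    """True if the trace holds TCP packets and none of them carries payload."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None or len(pcap) < 24:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) is handled")
    off, saw_tcp = 24, False
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        size = tcp_payload_len(pcap[off + 16:off + 16 + incl_len])
        off += 16 + incl_len
        if size is None:
            continue
        if size > 0:
            return False                              # real content seen
        saw_tcp = True
    return saw_tcp

# Constructed sample input: minimal frames, checksums left at zero.
def sample_frame(flags, payload=b""):
    tcp = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 5 << 4, flags, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return bytes(12) + b"\x08\x00" + ip + tcp

def sample_pcap(frames):
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    ctl = [sample_frame(0x02), sample_frame(0x11), sample_frame(0x04)]  # SYN, FIN+ACK, RST
    print(looks_filtered(sample_pcap(ctl)), looks_filtered(sample_pcap(ctl + [sample_frame(0x18, b"GET /")])))
```

Payload length is taken from the IP header rather than the captured length, so a trace cut short by a small snaplen is not mistaken for a control-packet-only trace.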


Copyright 2016, The Bro Project. Last updated on December 07, 2018. Created using Sphinx 1.8.2.