Bro 1.4 pre-release

Vern · August 1, 2008, 6:19am

We are just about ready to release Bro version 1.4. Prior to doing so,
wed like to have some folks volunteer to try out a pre-release to catch
any lingering problems. If you're interested in doing so, reply privately
to me *and Robin Sommer (cc'd)* and we'll point you at the distribution.

Vern

(Note, I'm out of the office for several weeks, with limited email access,
which is why you should be sure to include Robin.)

robin · August 11, 2008, 11:10pm

We have made another Bro 1.4 pre-release available at

http://www.icir.org/robin/tmp/bro-1.4.prerelease.1.tar.gz

Let us know if you encounter anything unexpected.

Since the earlier pre-release, some minor issues have been fixed
(mainly platform incompatibilities).

Robin

Stephan · August 18, 2008, 11:50am

Hi,

I the attachment you find some patches for Solaris.
It runs then on Solaris 8 + 10.

The first definition in any bro rule should be:
redef use_connection_compressor = F;

Patch description:
- patch-aux-nftools-nfcommin.h:
    include the main config.h for some u_int_(8|16|32)
    definitions who are not defined in Solaris.
- patch-src-ARP.h:
    without including net/if.h there are no compile errors
- patch-src-Conn.h:
    some changes (from Robin) to switch on compressor
- patch-src-Desc.cc + patch-src-FlowSrc.cc:
    include errno.h otherwise the compiler could not find
    errno
- patch-src-Makefile.in:
    the configure in libedit miss the termcap.h in the include path
    so it will be faked

After this patches it runs on Solaris 8 with the default rules or
to extract SSL certificates.

Best regards,
Stephan

bro-1.4.prerelease.1.tar.gz (1.32 KB)

Po-Ching_Lin · October 2, 2008, 9:15am

I got an error message when executing the pre-release with icmp.bro.

[pclin@roland bin]$ ./bro -r ~/http.trace icmp
../share/bro/conn.bro, line 332: error: unknown identifier Hot::check_hot, at or near "Hot::check_hot"

The export of the Hot::check_hot looks normal. Did I miss anything, or is it a bug?

Po-Ching

Robin Sommer mentioned:

Vern · October 4, 2008, 8:50pm

[pclin@roland bin]$ ./bro -r ~/http.trace icmp
../share/bro/conn.bro, line 332: error: unknown identifier
Hot::check_hot, at or near "Hot::check_hot"

Thanks for flagging this. It's a bug, and the upcoming 1.4 release will
include a fix for it (which, weirdly, is to remove the @load of conn.bro
from notice-action-filters.bro).

Vern

Topic		Replies	Views
Bro 1.3 available for pre-testing (esp. OpenBSD) Zeek	16	48	May 6, 2022
Bro 1.4 release now available Zeek	6	106	May 6, 2022
Modifying Bro for NetBSD Zeek	1	61	May 6, 2022
new bro "CURRENT" release - 0.8a82 Zeek	1	43	May 6, 2022
Bro 1.3 available for pre-testing (esp. OpenBSD) Zeek	1	60	May 6, 2022

Bro 1.4 pre-release

Related Topics