c++ -I. -O -I../libpcap-0.4 -Ilinux-include -c Func.cc
Func.cc: In function `void do_fmt (const char *&, Val *, ODesc *)':
Func.cc:244: `localtime' undeclared (first use this function)
Func.cc:244: (Each undeclared identifier is reported only once for each
function it appears in.)
Func.cc:244: `strftime' undeclared (first use this function)

Try adding an include of <time.h> at the beginning of Func.cc and see
if that resolves the problem.

A lot of OS probes work by sending a combination of flags like
SFU12, SF12 etc. and seeing how the OS behaves. I was wondering how to detect
these kinds of probes using Bro.
I know it can be done easily in TCPConnection::NextPacket(),
where you have the syn, fin, rst and other flags in separate variables.
Probably I could look for those patterns and call Weird().
But is that the way to go about it? Or should the detection be done
at the Bro-script level?
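
Added example, not part of the original message and not Bro's own code: a stand-alone C++ check of the kind the question describes, classifying a TCP flags byte into combinations that ordinary stacks do not send. The function names and anomaly labels are hypothetical, and reading the "1" and "2" in SFU12 as the two reserved bits (0x40, 0x80) is an assumption.

```cpp
#include <cstdint>
#include <string>

using u8 = std::uint8_t;

// Bits of the TCP flags byte (TCP header offset 13).
constexpr u8 kFin = 0x01, kSyn = 0x02, kRst = 0x04, kPsh = 0x08,
             kAck = 0x10, kUrg = 0x20,
             kRes1 = 0x40, kRes2 = 0x80;  // assumed meaning of "1" and "2"

// Render a flags byte in the compact notation used in the post, e.g. "SFU12".
std::string flag_string(u8 f) {
    static const struct { u8 bit; char c; } order[] = {
        {kSyn, 'S'}, {kFin, 'F'}, {kRst, 'R'}, {kPsh, 'P'},
        {kAck, 'A'}, {kUrg, 'U'}, {kRes1, '1'}, {kRes2, '2'}};
    std::string s;
    for (const auto& o : order)
        if (f & o.bit) s += o.c;
    return s;
}

// Return a (hypothetical) anomaly label for an unusual flag combination,
// or nullptr when the byte looks like ordinary TCP traffic.
const char* odd_flags(u8 f) {
    const u8 classic = f & (kFin | kSyn | kRst | kPsh | kAck | kUrg);
    const u8 res = f & (kRes1 | kRes2);
    if (classic == 0) return "no_flags";
    if ((f & kSyn) && (f & kFin)) return "syn_with_fin";
    if ((f & kSyn) && (f & kRst)) return "syn_with_rst";
    if ((f & kFin) && !(f & kAck)) return "fin_without_ack";
    if ((f & kSyn) && (f & (kUrg | kPsh))) return "syn_with_urg_or_psh";
    // RFC 3168 later assigned these two bits to ECE/CWR: an ECN-setup SYN
    // sets both, so only a lone reserved bit on an initial SYN is reported.
    if ((f & kSyn) && !(f & kAck) && res && res != (kRes1 | kRes2))
        return "syn_with_reserved_bit";
    return nullptr;
}
```

A caller would pass the flags byte of each packet and raise its own alert when the result is not nullptr; both probe patterns named in the post (SFU12 and SF12) are reported as syn_with_fin.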