All,
I am trying to analyze the client subnet option (RFC 7871) in some of the network traffic where it is set. It is not appear in dns.log. Also it appears to cause an issue in weird.log.
Is this a known issue or bug?
Thanks,
Ben
Hi Ben:
If you look at share/bro/base/protocols/dns/main.bro, you will find that the EDNS section is commented out, and labeled: TODO: figure out how to handle these
So, its another area of Bro that Needs Workâ˘
Take care,
Jim Mellander
ESNet