Hi all,
I am having troubles getting any sign of functioning from a simple parser defined in binpac.
I followed the tutorial at: https://github.com/grigorescu/binpac_quickstart
Then I wrote pretty simple headers definitions on my *-protocol.pac definition, then I added a print std::cout << "Name PDU" << endl; after the statement that generate the basic PDU event for the bro policy script engine in the *-analyzer.pac. I successfully compiled the parser definitions with binpac and then I recompiled bro (observing that the new parser is included in the compilation process.
But then when I run bro with a pcap file that contains a packet that should be parsed by the binpac generated code, I don’t get any output and don’t know how to troubleshoot it…
Any suggestion ?
thanks in advance,
Tomas