Re: [Bro-Dev] Bro working well on Mac OS High Sierra, just a couple test failures

2017-10-04 Thread Slagell, Adam J


On Oct 4, 2017, at 2:14 PM, Thayer, Daniel N wrote:

> The second
> failure looks like another race condition (try again a few times and it
> will likely pass).

Right you are. 4th time’s a charm. :-)

--

Adam J. Slagell
Director, Cybersecurity & Networking Division
Chief Information Security Officer
National Center for Supercomputing Applications
University of Illinois at Urbana-Champaign
www.slagell.info

"Under the Illinois Freedom of Information Act (FOIA), any written 
communication to or from University employees regarding University business is 
a public record and may be subject to public disclosure."

___
bro-dev mailing list
bro-dev@bro.org
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev


Re: [Bro-Dev] Bro working well on Mac OS High Sierra, just a couple test failures

2017-10-04 Thread Daniel Thayer
The first test failure was fixed after the release of 2.5.1.  The second
failure looks like another race condition (try again a few times and it
will likely pass).



[Bro-Dev] Bro working well on Mac OS High Sierra, just a couple test failures

2017-10-04 Thread Slagell, Adam J
I had no problems after the upgrade to High Sierra on my “production” box, and 
I had no troubles compiling Bro 2.5.1 on my laptop.

I did, however, get two errors in the test suite.

core.truncation ... failed
  % 'btest-diff output' failed unexpectedly (exit code 1)
  % cat .diag
  == File ===
  #separator \x09
  #set_separator ,
  #empty_field   (empty)
  #unset_field   -
  #path   weird
  #open   2017-10-04-18-48-40
  #fields   ts   uid   id.orig_h   id.orig_p   id.resp_h   id.resp_p   name   addl   notice   peer
  #types   time   string   addr   port   addr   port   string   string   bool   string
  1334160095.895421   -   -   -   -   -   truncated_IP   bro
  #close   2017-10-04-18-48-40
  #separator \x09
  #set_separator ,
  #empty_field   (empty)
  #unset_field   -
  #path   weird
  #open   2017-10-04-18-48-41
  #fields   ts   uid   id.orig_h   id.orig_p   id.resp_h   id.resp_p   name   addl   notice   peer
  #types   time   string   addr   port   addr   port   string   string   bool   string
  1334156241.519125   -   -   -   -   -   truncated_IP   bro
  #close   2017-10-04-18-48-41
  #separator \x09
  #set_separator ,
  #empty_field   (empty)
  #unset_field   -
  #path   weird
  #open   2017-10-04-18-48-41
  #fields   ts   uid   id.orig_h   id.orig_p   id.resp_h   id.resp_p   name   addl   notice   peer
  #types   time   string   addr   port   addr   port   string   string   bool   string
  1334094648.590126   -   -   -   -   -   truncated_IP   bro
  #close   2017-10-04-18-48-41
  #separator \x09
  #set_separator ,
  #empty_field   (empty)
  #unset_field   -
  #path   weird
  #open   2017-10-04-18-48-43
  #fields   ts   uid   id.orig_h   id.orig_p   id.resp_h   id.resp_p   name   addl   notice   peer
  #types   time   string   addr   port   addr   port   string   string   bool   string
  1338328954.078361   -   -   -   -   -   internally_truncated_header   -   F   bro
  #close   2017-10-04-18-48-43
  #separator \x09
  #set_separator ,
  #empty_field   (empty)
  #unset_field   -
  #path   weird
  #open   2017-10-04-18-48-43
  #fields   ts   uid   id.orig_h   id.orig_p   id.resp_h   id.resp_p   name   addl   notice   peer
  #types   time   string   addr   port   addr   port   string   string   bool   string
  1404148886.981015   -   -   -   -   -   bad_IP_checksum   bro
  1404148887.011158   CHhAvVGS1DHFjwGM9   192.168.4.149   51293   72.21.91.29   443   bad_TCP_checksum   -   F   bro
  #close   2017-10-04-18-48-43
  == Diff ===
  --- /tmp/test-diff.62112.output.baseline.tmp  2017-10-04 18:48:43.0 
+
  +++ /tmp/test-diff.62112.output.tmp   2017-10-04 18:48:43.0 +
  @@ -46,5 +46,6 @@
   #open -XX-XX-XX-XX-XX
   #fields  ts  uid id.orig_h   id.orig_p   id.resp_h   
id.resp_p   nameaddlnotice  peer
   #types   timestring  addrportaddrportstring  string  
boolstring
  -0.00 -   -   -   -   -   truncated_link_header   
bro
  +XX.XX-   -   -   -   -   
bad_IP_checksumbro
  +XX.XXCHhAvVGS1DHFjwGM9   192.168.4.149   51293   
72.21.91.29 443 bad_TCP_checksum-   F   bro
   #close -XX-XX-XX-XX-XX
  ===

  % cat .stderr
  1404148887.011158 warning in 
/Users/slagell/Downloads/bro-2.5.1/scripts/base/misc/find-checksum-offloading.bro,
 line 54: Your trace file likely has invalid IP and TCP checksums, most likely 
from NIC checksum offloading.  By default, packets with invalid checksums are 
discarded by Bro unless using the -C command-line option or toggling the 
'ignore_checksums' variable.  Alternatively, disable checksum offloading by the 
network adapter to ensure Bro analyzes the actual checksums that are 
transmitted.
  1404148887.011158 warning in 
/Users/slagell/Downloads/bro-2.5.1/scripts/base/misc/find-filtered-trace.bro, 
line 48: The analyzed trace file was determined to contain only TCP control 
packets, which may indicate it's been pre-filtered.  By default, Bro reports 
the missing segments for this type of trace, but the 'detect_filtered_trace' 
option may be toggled if that's not desired.

istate.bro-ipv6-socket ... failed
  % 'btest-bg-wait 20' failed unexpectedly (exit code 1)
  % cat .stderr
  The following processes did not terminate:
  
  bro -b ../recv.bro
  bro -b ../send.bro
  
  ---
  <<< [72978] bro -b ../recv.bro
  received termination signal
  >>>
  <<< [72998] bro -b ../send.bro
  received termination signal
  >>>

--

Adam J.
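
Added example, not part of the original thread or of the Bro code base: a small parser for the concatenated weird.log files that the `.diag` dump above shows, honoring the `#separator`, `#unset_field` and `#fields` directives and tallying the weird names. The sample input is constructed from values visible in the thread; the `addl` and `notice` column values and the function names are assumptions.

```python
import collections

# Constructed sample: two concatenated weird.log files, as in a btest .diag dump.
# Real logs are tab-separated; the addl/notice values ("-", "F") are assumed.
_HDR = [
    "#separator \\x09",
    "#set_separator\t,",
    "#empty_field\t(empty)",
    "#unset_field\t-",
    "#path\tweird",
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tname\taddl\tnotice\tpeer",
    "#types\ttime\tstring\taddr\tport\taddr\tport\tstring\tstring\tbool\tstring",
]
SAMPLE = "\n".join(
    _HDR + ["1334160095.895421\t-\t-\t-\t-\t-\ttruncated_IP\t-\tF\tbro",
            "#close\t2017-10-04-18-48-40"]
    + _HDR + ["1404148886.981015\t-\t-\t-\t-\t-\tbad_IP_checksum\t-\tF\tbro",
              "1404148887.011158\tCHhAvVGS1DHFjwGM9\t192.168.4.149\t51293\t"
              "72.21.91.29\t443\tbad_TCP_checksum\t-\tF\tbro",
              "#close\t2017-10-04-18-48-43"])


def parse_bro_logs(text):
    """Yield one dict per record from one or more concatenated Bro ASCII logs."""
    sep, unset, fields = "\t", "-", []
    for line in text.splitlines():
        if line.startswith("#separator "):
            # The separator is written as an escape such as \x09; a new header resets state.
            sep = line.split(" ", 1)[1].encode("ascii").decode("unicode_escape")
            fields = []
        elif line.startswith("#"):
            key, _, value = line[1:].partition(sep)
            if key == "fields":
                fields = value.split(sep)
            elif key == "unset_field":
                unset = value
        elif line:
            values = line.split(sep)
            if len(values) != len(fields):
                # Catches logs whose tabs were collapsed by a mail archive or pager.
                raise ValueError(f"expected {len(fields)} columns: {line!r}")
            yield {f: None if v == unset else v for f, v in zip(fields, values)}


def weird_names(text):
    """Count weird names, so checksum weirds stand out from truncation weirds."""
    return collections.Counter(rec["name"] for rec in parse_bro_logs(text))


if __name__ == "__main__":
    print(weird_names(SAMPLE))
```
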