I'll give that a whirl. Thanks again for the quick responses on this! -AK
On Thu, Mar 14, 2019, 10:49 Michael Dopheide <dophe...@es.net> wrote: > Heh.. this is what I get for not following up on a WIP merge... Try the > topic/dopheide/namespace branch of github.com/esnet/binpac_quickstart. > > That should allow you to specify Demo::ConnTaste, but it will uppercase > that to Demo::CONNTASTE, which I believe was an old convention. > > -Dop > > On Wed, Mar 13, 2019 at 9:25 PM Michael Dopheide <dophe...@es.net> wrote: > >> Okay, with your original line for quickstart, this works rather than >> Demo::ConnTaste. >> >> bash-3.2# /usr/local/bro/bin/bro -NN Bro::CONNTASTE >> Bro::CONNTASTE - This thing analyzer (dynamic, no version information) >> [Analyzer] CONNTASTE (ANALYZER_CONNTASTE, enabled) >> [Event] conntaste_event >> >> So we've got some plugin naming issues to deal with, which I hope to work >> out tomorrow. It shouldn't be about reinventing the universe, binpac is >> hard enough. :) >> >> -Dop >> >> On Wed, Mar 13, 2019 at 4:44 PM anthony kasza <anthony.ka...@gmail.com> >> wrote: >> >>> I tried changing the name provided to the setup script as suggested. >>> Doing so gives me many errors when I try to ./configure the plugin from >>> within the conn-taste/ directory. CMake states that >>> DEMO::CONNTASTE-events.bif is "reserved or not valid for for certain CMake >>> features". It complains about many of the file names. >>> >>> Additionally, all the files in conn-taste/src/ look like >>> DEMO::CONNTASTE.cc :( >>> >>> -AK >>> >>> On Wed, Mar 13, 2019, 13:43 Michael Dopheide <dophe...@es.net> wrote: >>> >>>> I believe you want to change this line: >>>> >>>> ./start.py ConnTaste "Connection Byte Offset Tasting" ... >>>> >>>> to >>>> >>>> ./start.py Demo::ConnTaste "Connection Byte Offset Tasting" ... >>>> >>>> -Dop >>>> >>>> >>>> On Wed, Mar 13, 2019 at 2:35 PM anthony kasza <anthony.ka...@gmail.com> >>>> wrote: >>>> >>>>> Many thanks for the quick responses! >>>>> >>>>> I am receiving these errors: >>>>> ``` >>>>> error in /usr/local/bro/share/bro/base/init-bare.bro, line 1: plugin >>>>> Demo::ConnTaste is not available >>>>> fatal error in /usr/local/bro/share/bro/base/init-bare.bro, line 1: >>>>> Failed to activate requested dynamic plugin(s). >>>>> ``` >>>>> >>>>> After executing these commands: >>>>> ``` >>>>> git clone --recursive https://github.com/zeek/zeek.git >>>>> cd zeek >>>>> ./configure >>>>> make >>>>> DIST=`pwd` >>>>> >>>>> cd aux/bro-aux/plugin-support >>>>> ./init-plugin -u ./conn-taste Demo ConnTaste >>>>> BRO_PLUGIN_PATH=`pwd` >>>>> >>>>> cd ${DIST} >>>>> cd ../ >>>>> git clone https://github.com/esnet/binpac_quickstart.git >>>>> cd binpac_quickstart >>>>> pip install docopt jinja2 >>>>> ./start.py ConnTaste "Connection Byte Offset Tasting" >>>>> ${BRO_PLUGIN_PATH}/conn-taste/ --tcp --buffered --plugin >>>>> >>>>> cd ${BRO_PLUGIN_PATH}/conn-taste >>>>> ./configure --bro-dist=${DIST} >>>>> make >>>>> >>>>> cd ${DIST} >>>>> ./configure >>>>> make >>>>> make install >>>>> >>>>> bro -NN Demo::ConnTaste >>>>> ``` >>>>> >>>>> I'm guessing there is some environment variable I am missing as I >>>>> tried zeek/testing/btest/plugins/protocol.bro as Robin suggested and the >>>>> @TEST-EXEC statements worked as expected. >>>>> >>>>> -AK >>>>> >>>>> On Wed, Mar 13, 2019, 09:51 Vlad Grigorescu <v...@es.net> wrote: >>>>> >>>>>> On Wed, Mar 13, 2019 at 10:17 AM anthony kasza < >>>>>> anthony.ka...@gmail.com> wrote: >>>>>> >>>>>> >>>>>>> However, the docs don't detail much beyond creating a built in >>>>>>> function. A colleague pointed me at this quickstart script for binpac: >>>>>>> https://github.com/grigorescu/binpac_quickstart >>>>>>> >>>>>> >>>>>> Oops! Sorry about that. Try this one: >>>>>> https://github.com/esnet/binpac_quickstart >>>>>> >>>>>> That has a '--plugin' option. That will at least get the boilerplate >>>>>> stuff built, and then you can start digging into the protocol specifics. >>>>>> >>>>>> --Vlad >>>>>> >>>>> _______________________________________________ >>>>> zeek-dev mailing list >>>>> zeek-dev@zeek.org >>>>> http://mailman.icsi.berkeley.edu/mailman/listinfo/zeek-dev >>>>> >>>>
_______________________________________________ zeek-dev mailing list zeek-dev@zeek.org http://mailman.icsi.berkeley.edu/mailman/listinfo/zeek-dev
