I’ve been noticing this message... 1232039469.548925 warning in ~/bro/scripts/base/misc/find-filtered-trace.bro, line 48: The analyzed trace file was determined to contain only TCP control packets, which may indicate it's been pre-filtered. By default, Bro reports the missing segments for this type of trace, but the 'detect_filtered_trace' option may be toggled if that's not desired.
I have looked at the script yet, but I’ve seen it often enough with traces that I generally think of as “normal” that I suspect there is something buggy in the script. Anyone have any ideas? .Seth -- Seth Hall International Computer Science Institute (Bro) because everyone has a network http://www.bro.org/
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
