Add script to detect filtered TCP traces, addresses BIT-1119.

If reading a trace file w/ only TCP control packets, a warning is emitted to suggest the 'detect_filtered_traces' option if the user doesn't desire Bro to report missing TCP segments for such a trace file.
2025-10-14 04:28:20 +00:00 · 2014-01-31 17:04:58 -06:00 · 2014-01-31 17:04:58 -06:00 · 0cb2a90da4
commit 0cb2a90da4
parent c671491149
7 changed files with 58 additions and 2 deletions
--- a/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
+++ b/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
@ -3,7 +3,7 @@
 #empty_field	(empty)
 #unset_field	-
 #path	loaded_scripts
-#open	2013-10-30-16-52-28
+#open	2014-01-31-22-54-38
 #fields	name
 #types	string
 scripts/base/init-bare.bro
@ -220,5 +220,6 @@ scripts/base/init-default.bro
  scripts/base/files/unified2/__load__.bro
    scripts/base/files/unified2/main.bro
  scripts/base/misc/find-checksum-offloading.bro
+  scripts/base/misc/find-filtered-trace.bro
 scripts/policy/misc/loaded-scripts.bro
-#close	2013-10-30-16-52-28
+#close	2014-01-31-22-54-38