Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Reduce snaplen default from 65535 to old default of 8192. (fixes #720)

Browse source 
Also replaced the --snaplen/-l command line option with a
scripting-layer option called "snaplen" (which can also be
redefined on the command line, e.g. `bro -i eth0 snaplen=65535`).
This commit is contained in:
Jon Siwek 2012-01-04 16:30:15 -06:00
parent e5b3d318a6
commit 645c80f974
2 changed files with 6 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

3
scripts/base/init-bare.bro
View file

@ -1505,6 +1505,9 @@ const skip_http_data = F &redef;
## UDP tunnels. See also: udp_tunnel_port, policy/udp-tunnel.bro. ## UDP tunnels. See also: udp_tunnel_port, policy/udp-tunnel.bro.
const parse_udp_tunnels = F &redef; const parse_udp_tunnels = F &redef;
## Number of bytes per packet to capture from live interfaces.
const snaplen = 8192 &redef;
# Load the logging framework here because it uses fairly deep integration with # Load the logging framework here because it uses fairly deep integration with
# BiFs and script-land defined types. # BiFs and script-land defined types.
@load base/frameworks/logging @load base/frameworks/logging

10
src/main.cc
View file

@ -97,7 +97,7 @@ extern char version[];
char* command_line_policy = 0; char* command_line_policy = 0;
vector<string> params; vector<string> params;
char* proc_status_file = 0; char* proc_status_file = 0;
int snaplen = 65535; // really want "capture entire packet" int snaplen = 0; // this gets set from the scripting-layer's value
int FLAGS_use_binpac = false; int FLAGS_use_binpac = false;
@ -145,7 +145,6 @@ void usage()
fprintf(stderr, " -g|--dump-config | dump current config into .state dir\n"); fprintf(stderr, " -g|--dump-config | dump current config into .state dir\n");
fprintf(stderr, " -h|--help|-? | command line help\n"); fprintf(stderr, " -h|--help|-? | command line help\n");
fprintf(stderr, " -i|--iface <interface> | read from given interface\n"); fprintf(stderr, " -i|--iface <interface> | read from given interface\n");
fprintf(stderr, " -l|--snaplen <snaplen> | number of bytes per packet to capture from interfaces (default 65535)\n");
fprintf(stderr, " -p|--prefix <prefix> | add given prefix to policy file resolution\n"); fprintf(stderr, " -p|--prefix <prefix> | add given prefix to policy file resolution\n");
fprintf(stderr, " -r|--readfile <readfile> | read from given tcpdump file\n"); fprintf(stderr, " -r|--readfile <readfile> | read from given tcpdump file\n");
fprintf(stderr, " -y|--flowfile <file>[=<ident>] | read from given flow file\n"); fprintf(stderr, " -y|--flowfile <file>[=<ident>] | read from given flow file\n");
@ -372,7 +371,6 @@ int main(int argc, char** argv)
{"filter", required_argument, 0, 'f'}, {"filter", required_argument, 0, 'f'},
{"help", no_argument, 0, 'h'}, {"help", no_argument, 0, 'h'},
{"iface", required_argument, 0, 'i'}, {"iface", required_argument, 0, 'i'},
{"snaplen", required_argument, 0, 'l'},
{"doc-scripts", no_argument, 0, 'Z'}, {"doc-scripts", no_argument, 0, 'Z'},
{"prefix", required_argument, 0, 'p'}, {"prefix", required_argument, 0, 'p'},
{"readfile", required_argument, 0, 'r'}, {"readfile", required_argument, 0, 'r'},
@ -481,10 +479,6 @@ int main(int argc, char** argv)
interfaces.append(optarg); interfaces.append(optarg);
break; break;
case 'l':
snaplen = atoi(optarg);
break;
case 'p': case 'p':
prefixes.append(optarg); prefixes.append(optarg);
break; break;
@ -833,6 +827,8 @@ int main(int argc, char** argv)
} }
} }
snaplen = internal_val("snaplen")->AsCount();
// Initialize the secondary path, if it's needed. // Initialize the secondary path, if it's needed.
secondary_path = new SecondaryPath(); secondary_path = new SecondaryPath();