From f2c2da92c6505a2a979051e553ff4043f1317a0e Mon Sep 17 00:00:00 2001
From: Bernhard Amann <bernhard@icsi.berkeley.edu>
Date: Tue, 8 Apr 2014 11:53:01 -0700
Subject: [PATCH] add to local.bro, add disclaimer

---
 scripts/policy/protocols/ssl/heartbleed.bro | 2 ++
 scripts/site/local.bro                      | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/scripts/policy/protocols/ssl/heartbleed.bro b/scripts/policy/protocols/ssl/heartbleed.bro
index 0e5abc7ab3..d66ff4df2a 100644
--- a/scripts/policy/protocols/ssl/heartbleed.bro
+++ b/scripts/policy/protocols/ssl/heartbleed.bro
@@ -1,5 +1,7 @@
 module Heartbleed;
 
+# Please note - this is not well tested. Use at your own risk.
+
 redef record SSL::Info += {
 	last_originator_heartbeat_request_size: count &optional;
 	last_responder_heartbeat_request_size: count &optional;
diff --git a/scripts/site/local.bro b/scripts/site/local.bro
index e1a3574424..bb2cc73a53 100644
--- a/scripts/site/local.bro
+++ b/scripts/site/local.bro
@@ -81,3 +81,5 @@
 # Detect SHA1 sums in Team Cymru's Malware Hash Registry.
 @load frameworks/files/detect-MHR
 
+# Load heartbleed detection. Only superficially tested, might contain bugs.
+@load policy/protocols/ssl/heartbleed