mirror of
https://github.com/zeek/zeek.git
synced 2025-10-08 01:28:20 +00:00
13 lines
267 B
Text
13 lines
267 B
Text
# @TEST-EXEC: bro -b -r $TRACES/wikipedia.trace %INPUT
|
|
# @TEST-EXEC: btest-diff 1.pcap
|
|
# @TEST-EXEC: btest-diff 2.pcap
|
|
|
|
global i: count = 0;
|
|
|
|
event new_packet(c: connection, p: pkt_hdr)
|
|
{
|
|
++i;
|
|
dump_current_packet(cat(i, ".pcap"));
|
|
if ( i >= 3 )
|
|
terminate();
|
|
}
|