11 Dec
2011
11 Dec
'11
1:27 a.m.
When i was processing traces downloaded from WAND, it was reported that "Unknown data
link type 0x9".
I am using Bro 2.0 Beta.
If not, is there any solution?
Readon Shaw
11 Dec
11 Dec
4:59 p.m.
On Dec 11, 2011, at 4:27 AM, Readon Shaw wrote:
When i was processing traces downloaded from WAND, it
was reported that "Unknown data link type 0x9".
I am using Bro 2.0 Beta.
If not, is there any solution?
Unfortunately we don't support PPP packets (link type 9) yet. If you point us to the
traces you're are using though, we can make sure that we support PPP when we get
around to reworking our packet input process.
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro-ids.org/
6:07 p.m.
I have attached a pcap file in previous mail.
On Dec 11, 2011, at 4:27 AM, Readon Shaw wrote:
--------------
Readon Shaw
When i was processing traces downloaded from
WAND, it was reported that "Unknown data link type 0x9".
I am using Bro 2.0 Beta.
If not, is there any solution?
Unfortunately we don't support PPP packets (link type 9) yet. If you point us to the
traces you're are using though, we can make sure that we support PPP when we get
around to reworking our packet input process.
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro-ids.org/
3850
days inactive
3851
days old
2 comments
2 participants
participants (2)
-
Readon Shaw -
Seth Hall