On Dec 14, 2010, at 2:53 AM, j.sentier206 wrote:
For ICMP, I wanted to access the payload of the
This absolutely makes sense. I'll file a ticket with the changes to the ICMP
analyzer. We'll have to discuss and see if it's something that we want to add.
I can see why you'd want it though.
For SMB, I fixed a small bug and added the processid
Unfortunately, the SMB analyzer does have several bugs that prevent it from working but it
looks like you caught all of them. For the 1.6 release, we're hoping to have high
quality SMB and SMB2 analyzers but they're being completely rewritten. If you have a
further interest in working on SMB+SMB2 analyzers, please let us know, we can point you in
the right direction.